
Fallback to DES when ENCRYPT_METHOD is unset is insecure: propose SHA512 or safe default #1278

@andreboscatto

Description

Currently, when /etc/login.defs does not specify the ENCRYPT_METHOD setting, the fallback behavior in shadow is to use DES, one of the oldest and weakest encryption algorithms available.

In modern environments, especially those managed via automation (e.g., Ansible), misconfigurations like accidentally omitting a value are not uncommon. Falling back silently to DES can lead to insecure password hashes being created without any warning or indication, especially for group passwords (e.g., via gpasswd).

Proposal:

Change the default fallback to SHA512 when ENCRYPT_METHOD is unset.

Alternatively, emit a warning or hard failure if no method is defined, to prevent silent use of DES.

This behavior currently surprises users and introduces security risks that are hard to detect at scale.

We had a request assigned to RHEL (https://issues.redhat.com/browse/RHEL-99679), but I believe the best place to address this is upstream first.
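As an added example (not code from this issue or from the shadow project), the following audit script shows how the silent fallback described above can be checked for: it derives the effective ENCRYPT_METHOD from login.defs text, treating an absent setting as DES, and flags gshadow entries whose password field is in traditional DES format. The login.defs and gshadow contents are constructed samples, and the DES-format hash value is made up, not a real credential.

```python
import re

# crypt(3) prefixes for the ENCRYPT_METHOD values shadow understands
PREFIX_TO_METHOD = {
    "$6$": "SHA512", "$5$": "SHA256", "$y$": "YESCRYPT",
    "$2b$": "BCRYPT", "$2a$": "BCRYPT", "$2y$": "BCRYPT", "$1$": "MD5",
}

def effective_encrypt_method(login_defs_text):
    """Return the ENCRYPT_METHOD from login.defs text, or 'DES' when the
    setting is absent or commented out (the fallback this issue describes)."""
    for line in login_defs_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if parts[0] == "ENCRYPT_METHOD" and len(parts) == 2:
            return parts[1].strip().upper()
    return "DES"

def hash_method(field):
    """Classify one shadow/gshadow password field by its crypt(3) format."""
    field = field.lstrip("!")          # a leading '!' only marks the entry locked
    if field in ("", "*"):
        return "LOCKED_OR_EMPTY"
    for prefix, name in PREFIX_TO_METHOD.items():
        if field.startswith(prefix):
            return name
    # Traditional DES crypt: 13 characters from the crypt alphabet, no '$' prefix
    if re.fullmatch(r"[./0-9A-Za-z]{13}", field):
        return "DES"
    return "UNKNOWN"

def find_weak_hashes(gshadow_text):
    """Return [(group, method)] for every entry whose password field is DES."""
    weak = []
    for line in gshadow_text.splitlines():
        fields = line.split(":")
        if len(fields) >= 2 and hash_method(fields[1]) == "DES":
            weak.append((fields[0], "DES"))
    return weak

# Constructed samples: a login.defs with the setting commented out, one that sets it,
# and a gshadow with a locked group, a SHA512 group and a DES-format group password.
LOGIN_DEFS_UNSET = "# ENCRYPT_METHOD SHA512\nUMASK 022\n"
LOGIN_DEFS_OK = "UMASK 022\nENCRYPT_METHOD SHA512\n"
GSHADOW_SAMPLE = ("wheel:!::root\n"
                  "ops:$6$saltsalt$abcdefghijklmnop:ops:alice\n"
                  "deploy:abJnggxhB/yWI::alice\n")  # made-up 13-char DES field
```

Running `effective_encrypt_method` on the real /etc/login.defs and `find_weak_hashes` on /etc/gshadow (both need root to read) turns the silent fallback into a visible finding.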
