YESCRYPT_COST_FACTOR (number) When ENCRYPT_METHOD is set to YESCRYPT, this defines the cost factor used by the encryption algorithm by default (when the cost factor is not specified on the command line). With a high cost factor, it is more difficult to brute force the password. But note also that more CPU resources will be needed to authenticate users. The value must be inside the 1-11 range. Note: This only affect the generation of group passwords. The generation of user passwords is done by PAM and subject to the PAM configuration. It is recommended to set this variable consistently with the PAM configuration.