Skip to content

Shared Password Hash

When using the shared password feature introduced in Transparent Lock Screen version 26.01, the shared password is not stored in plain text. Instead, a secure hash of the password is stored to enhance security.

Hashing is performed using the Argon2id algorithm, which is designed to be resistant to brute-force and rainbow table attacks. This makes the original password unrecoverable using any known methods.

If you need to set or change the shared password hash manually (for example, when deploying settings via Group Policy), you can generate the hash using the following command:

tls -hash <YourPassword>

Replace <YourPassword> with the desired shared password. If the password contains spaces or requires quoting, make sure to enclose it appropriately according to your command-line shell’s requirements.

The command can be used in scripted operations and works correctly with pipes and redirections.