My post is inspired by the following post. You can find there all explanation why and how to change the hash algorithm for password encryption. In my post, I will show you how to set the hash algorithm for password encryption in an automated way. I will use Sitecore Installation Framework (SIF) module and Sitecore Install Extensions (SIX) module.

SetXml Task

The first step is to set hash algorithm in a config file to SHA512; we can easily achieve this with a SetXml task from SIF module. SetXml task sets values in an XML document. After Sitecore installation, you have to execute the following step:

---

SetSitecoreAdminPassword Task

Next, you have to set Sitecore administrator password again; otherwise, you will be not able to login to the Sitecore. To change Sitecore administrator password, I implemented a task SetSitecoreAdminPassword

Note: Don't use SetSitecoreAdminPassword if you use different hash algorithm then SHA512.

---

Sitecore Install Extensions

Note: Required version 1.1.0.0
If Sitecore Install Extension is new for you, then you can read more on module wiki page.
The full configuration json file is available on GitHub. Parameters name are the same like in Sitecore-XP0.json. To execute tasks from configuration json, you can use the following script:

Import-Module SitecoreInstallFramework

$params = @{
    Path = "$PSScriptRoot\\security-hardening.json"
    SiteName = "sc90.local"
    SqlServer = $env:COMPUTERNAME
    SqlAdminUser = "sa"
    SqlAdminPassword = "password"
    SqlDbPrefix = "sc90"
}

Install-SitecoreConfiguration @params

---

Sitecore Sitecore Installation Framework Sitecore Install Extensions Powershell