It depends, we have a number of modules, please check com.haulmont.cuba.core.sys.encryption.EncryptionModule implementations.
As for the REST API - I don’t quite understand the question. All users are stored in the database in the same way, so you can use any username and password and use it to log in using Generic UI login form, if proper privileges are granted.
Why do you ask this, what are you going to achieve?
We are building some REST API using the Addon. Use authentication is using OAuth. The OAuth user is created in the Cuba admin screen, right ? The IT user is asking:
a) what is the password hash algo we are using (bcrypt is preferred)
b) what salt are we using (we are using user ID)
c) how many iterations of Hashing we do (I don’t know this).
Can you clarify how the standard password algo used ?