diff --git a/conf/attributes.yml b/conf/attributes.yml
index 15b13a5..13f9a07 100644
--- a/conf/attributes.yml
+++ b/conf/attributes.yml
@@ -118,6 +118,7 @@ password:
 weight: 31
 self: True
 type: password
+# hash: ldap_sha512_crypt
 backends:
 ldap: userPassword
 # ad: unicodePwd
diff --git a/ldapcherry/__init__.py b/ldapcherry/__init__.py
index 60ce654..9c18aea 100644
--- a/ldapcherry/__init__.py
+++ b/ldapcherry/__init__.py
@@ -33,6 +33,9 @@ from mako import lookup
 from mako import exceptions
 from sets import Set
+# passlib hash password module import
+from passlib.context import CryptContext
+
 SESSION_KEY = '_cp_username'
@@ -654,7 +657,12 @@ class LdapCherry(object):
 raise PasswordMissMatch()
 if not self._checkppolicy(params['attrs'][pwd1])['match']:
 raise PPolicyError()
- params['attrs'][attr] = params['attrs'][pwd1]
+ hash_type = self.attributes.attributes[attr].get('hash')
+ if hash_type:
+ ctx = CryptContext(schemes=[hash_type])
+ params['attrs'][attr] = ctx.encrypt(params['attrs'][pwd1])
+ else:
+ params['attrs'][attr] = params['attrs'][pwd1]
 if attr in params['attrs']:
 self.attributes.check_attr(attr, params['attrs'][attr])
 backends = self.attributes.get_backends_attributes(attr)
@@ -720,7 +728,12 @@ class LdapCherry(object):
 params['attrs'][pwd1]
 )['match']:
 raise PPolicyError()
- params['attrs'][attr] = params['attrs'][pwd1]
+ hash_type = self.attributes.attributes[attr].get('hash')
+ if hash_type:
+ ctx = CryptContext(schemes=[hash_type])
+ params['attrs'][attr] = ctx.encrypt(params['attrs'][pwd1])
+ else:
+ params['attrs'][attr] = params['attrs'][pwd1]
 if attr in params['attrs'] and params['attrs'][attr] != '':
 self.attributes.check_attr(attr, params['attrs'][attr])
 backends = self.attributes.get_backends_attributes(attr)
diff --git a/requirements.txt b/requirements.txt
index a9dabc8..8d8ea23 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -2,3 +2,4 @@ CherryPy>=3.0.0
 PyYAML
 Mako
 python-ldap
+passlib
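Review bot: The commented example `# hash: ldap_sha512_crypt` in conf/attributes.yml documents neither which values are accepted nor that the setting is per attribute rather than per backend. Going by the ldapcherry/__init__.py hunks in this commit, the value is hashed once and the result is then passed on for every backend mapped under `backends`, so enabling it together with the `ad: unicodePwd` mapping would presumably hand the AD backend a crypt string instead of the password. I would add a comment above it along the lines of `# hash: passlib scheme name (e.g. ldap_sha512_crypt); the hashed value is sent to every backend listed below`.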
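Review bot: In the `@@ -654` hunk of ldapcherry/__init__.py, and identically in `@@ -720`, the configured `hash` value reaches `CryptContext(schemes=[hash_type])` unvalidated, so a misspelt scheme only fails when a user changes a password, and any passlib scheme name is accepted, including weak digests or a scheme without the `ldap_` prefix whose output the directory may not recognise as a hash. Checking the name against a short allowlist of `ldap_*` schemes when attributes.yml is loaded would surface this at startup. `ctx.encrypt(...)` is deprecated since passlib 1.7 in favour of `ctx.hash(...)`; since requirements.txt and setup.py add `passlib` without a version bound, I would write `params['attrs'][attr] = ctx.hash(params['attrs'][pwd1])` and require `passlib>=1.7`. The six added lines are duplicated in both hunks and could move to one private helper; both enclosing methods start and end outside the hunks.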
diff --git a/setup.py b/setup.py
index d47a27f..4bb30d6 100755
--- a/setup.py
+++ b/setup.py
@@ -25,6 +25,7 @@ if sys.version_info[0] == 2:
 install_requires = [
 'CherryPy >= 3.0.0',
 'python-ldap',
+ 'passlib',
 'PyYAML',
 'Mako'
 ],