This question is quite old now but i was also interested in the answer so i looked it up in the code. Like @Schmu said, NC uses the password_hash function to hash the user passwords.
public function hash(string $message): string {
if (\defined('PASSWORD_ARGON2I')) {
return 2 . '|' . password_hash($message, PASSWORD_ARGON2I, $this->options);
} else {
return 1 . '|' . password_hash($message, PASSWORD_BCRYPT, $this->options);
}
}
Like you see, there are two supported algorithms. The used algorithm depends on your PHP environment. If your environment supports the Argon2i algorithm, this one will be used (see https://github.com/nextcloud/server/pull/9074, i think this is possible since NC14). Otherwise the BCrypt algorithm is used as fallback. Both of them are used with a randomly generated salt like it’s recommended by the PHP documentation.
Like @Schmu mentioned you can have a look at the oc_users table where the password hashes are stored. If you see hashed starting with ‘2|…’ your NC instance uses the Argon2i, the ‘1|…’ are BCrypt hashes.
One last sentence to the hashing cost: this is a parameter you can define in you config.php (https://docs.nextcloud.com/server/stable/admin_manual/configuration_server/config_sample_php_parameters.html?highlight=hashingcost). The default cost is 10. It controls how much time the algorithm needs to generate and verify the password hashed. You can read more about this here https://security.stackexchange.com/questions/17207/recommended-of-rounds-for-bcrypt