First, i would like to note that i have recently started using Ansible for configuration management. One of the things i need in my server environment is to implement a user password changing policy. Since the targets are numerous, i have to use randomly generated passwords for each host. Because passwords are sensitive, they should be generated in the encrypted form. Ansible documentation recommends using python passlib library and SHA512 hashing here.