elasticsearch/x-pack/docs/en/security/authentication/configuring-native-realm.asciidoc

The native realm is available by default when no other realms are 
configured. If other realm settings have been configured in `elasticsearch.yml`, 
you must add the native realm to the realm chain.

You can configure a `native` realm in the `xpack.security.authc.realms.native`
namespace in `elasticsearch.yml`.
Explicitly configuring a native realm enables you to set the order in which it
appears in the realm chain, temporarily disable the realm, and control its
cache options.

. Add a realm configuration to `elasticsearch.yml` under the
`xpack.security.authc.realms.native` namespace. It is recommended that you
explicitly set the `order` attribute for the realm. 
+
--
See <<ref-native-settings>> for all of the options you can set for the `native` realm.
For example, the following snippet shows a `native` realm configuration that
sets the `order` to zero so the realm is checked first:

[source, yaml]
------------------------------------------------------------
xpack:
  security:
    authc:
      realms:
        native:
          native1:
            order: 0
------------------------------------------------------------

NOTE: To limit exposure to credential theft and mitigate credential compromise,
the native realm stores passwords and caches user credentials according to
security best practices. By default, a hashed version of user credentials
is stored in memory, using a salted `sha-256` hash algorithm and a hashed
version of passwords is stored on disk salted and hashed with the `bcrypt`
hash algorithm. To use different hash algorithms, see <<hashing-settings>>.
--

. Restart {es}.