2007: SHA-crypt in glibc 2.7+

Introduced for political rather than technical reasons
"Security departments in companies are trying to phase out all uses of MD5.  They demand a method which is officially sanctioned.  For US-based users this means tested by the NIST."
Ulrich Drepper, "Unix crypt using SHA-256 and SHA-512", 2007 (revised in 2008)
Configurable iteration count (5000 by default), large salts

Ulrich's SHA-crypt.txt shows some confusion during SHA-crypt design: "the produced output is 32 or 64 bytes respectively in size.  This fulfills the requirement for a large output set which makes rainbow tables less useful to impossible" - that's nonsense

$6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1
$6$rounds=10000$saltstringsaltst$OW1/O6BYHV6BcXZu8QVeXbDWra3Oeqh0sbHbbMCVNSnCM/UrjmM0Dp8vOuZeHBy/YTBmSK6H9qs/y3RnOaw5v.