diff --git a/doc/api/crypto.md b/doc/api/crypto.md
index 739daa1a72eea2..2331af12aceae7 100644
--- a/doc/api/crypto.md
+++ b/doc/api/crypto.md
@@ -1808,6 +1808,9 @@ otherwise `err` will be `null`. By default, the successfully generated
 `derivedKey` will be passed to the callback as a [`Buffer`][]. An error will be
 thrown if any of the input arguments specify invalid values or types.
 
+If `digest` is `null`, `'sha1'` will be used. This behavior will be deprecated
+in a future version of Node.js.
+
 The `iterations` argument must be a number set as high as possible. The
 higher the number of iterations, the more secure the derived key will be,
 but will take a longer amount of time to complete.
@@ -1871,6 +1874,9 @@ applied to derive a key of the requested byte length (`keylen`) from the
 If an error occurs an `Error` will be thrown, otherwise the derived key will be
 returned as a [`Buffer`][].
 
+If `digest` is `null`, `'sha1'` will be used. This behavior will be deprecated
+in a future version of Node.js.
+
 The `iterations` argument must be a number set as high as possible. The
 higher the number of iterations, the more secure the derived key will be,
 but will take a longer amount of time to complete.
diff --git a/lib/internal/crypto/pbkdf2.js b/lib/internal/crypto/pbkdf2.js
index 9cbfb3dc64211d..5b2d59eb759115 100644
--- a/lib/internal/crypto/pbkdf2.js
+++ b/lib/internal/crypto/pbkdf2.js
@@ -22,7 +22,7 @@ function pbkdf2(password, salt, iterations, keylen, digest, callback) {
   }
 
   ({ password, salt, iterations, keylen, digest } =
-      check(password, salt, iterations, keylen, digest, callback));
+    check(password, salt, iterations, keylen, digest));
 
   if (typeof callback !== 'function')
     throw new ERR_INVALID_CALLBACK();
@@ -42,7 +42,7 @@ function pbkdf2(password, salt, iterations, keylen, digest, callback) {
 
 function pbkdf2Sync(password, salt, iterations, keylen, digest) {
   ({ password, salt, iterations, keylen, digest } =
-      check(password, salt, iterations, keylen, digest, pbkdf2Sync));
+    check(password, salt, iterations, keylen, digest));
   const keybuf = Buffer.alloc(keylen);
   handleError(keybuf, password, salt, iterations, digest);
   const encoding = getDefaultEncoding();
@@ -50,7 +50,7 @@ function pbkdf2Sync(password, salt, iterations, keylen, digest) {
   return keybuf.toString(encoding);
 }
 
-function check(password, salt, iterations, keylen, digest, callback) {
+function check(password, salt, iterations, keylen, digest) {
   if (typeof digest !== 'string') {
     if (digest !== null)
       throw new ERR_INVALID_ARG_TYPE('digest', ['string', 'null'], digest);