How bad would a partial hash leak be, realistically?

Even though the current recommendation for storing passwords is the usage of a slow key derivation function such as Argon2, scrypt, PBKDF2 or bcrypt1, many websites still use the traditional hash(password + salt) method, with MD5, SHA-1 and SHA-256 being the most commonly used hash functions.

The SHA-1 hash of mySuperSecretPassword123 with the salt !8(L-_20hs is E5D0BEE0300BF17508CABA842084753685781907.

Assume an attacker would steal the salt and the first half of the hash, so E5D0BEE0300BF17508CA. We also assume that the attacker is aware that SHA-1 is being used and how the salt and the password are concatenated.

How difficult would it be for an attacker to recover the original password?


1 bcrypt technically isn’t a key derivation function, but for the purposes of this question it functions identically.