On 06/22/2009 08:49 PM Richard wrote: > Pascal, thanks for the quick reply. I'm using postfixadmin for user > administration so I guess plaintext passwords is the current solution. > > Excuse my newbie question but I want to try and understand this. What > is the reason to have to use plaintext passwords for this kind of > authentication?
When storing passwords in plain text, Dovecot could generate the hashes 'on the fly' (when a user logs in and want to use for example CRAM-MD5, instead of PLAIN or LOGIN). But a user can also use the PLAIN or LOGIN mechanism even when the password is stored as CRAM-MD5 hash. BUT: A user cannot login using DIGEST-MD5 if the password is stored as CRAM-MD5 hash. In this case the password should be stored as DIGEST-MD5 hash (or as plain text (not recommended!)) Further information is available at: http://wiki.dovecot.org/Authentication/Mechanisms Regards; Pascal -- The trapper recommends today: c01dcofe.0917...@localdomain.org
