Quoting Tomasz Chmielewski <[EMAIL PROTECTED]>:
What encryption is used by Cyrus? When I look into MySQL database, the password look like that: abcDe12FGHiJK So it's 13 characters. What encryption is it?
Cyrus doesn't use any encryption to store passwords. Actually, it doesn't store passwords at all. It simply uses some backend to authenticate users. The encryption (if any) is whatever that backend uses. Looking at the above, it's most likely that you have setup MySQL backend to use ancient (and more or less easy to brute force) Unix crypt algorithm. First two chars are salt, and the rest is some kind of hash obtained using DES encryption and first 8 bytes of user's password (with 8th bit stripped) as key. See manual page for crypt for more details.
-- See Ya' later, alligator! http://www.8-P.ca/ ---- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
