On 6. Sep 2012, at 17:22 PM, Camaleón wrote:
>> Anyway:
>> In order to convert the hashes, I need the cleartext passwords. So one
>> idea would be to tell Dovecot to spit out the cleartext password when a
>> user authenticates via POP or IMAP. Do you know of any such
>> functionality?
>
> (...)
>
On Wed, 05 Sep 2012 18:02:40 +0200, Sebastian wrote:
(...)
> I want to upgrade the password storage from crypt to SSHA512, which
> makes hashes harder to crack in case the hashes get stolen.
> bcrypt/scrypt would be even better, although Dovecot does not seem to
> support these natively (am I rig
Sebastian wrote:
> Assume a Debian installation running Dovecot and Postfix.
> I want to upgrade the password storage from crypt to SSHA512,
> which makes hashes harder to crack in case the hashes get stolen.
> bcrypt/scrypt would be even better, although Dovecot does not seem
> to support these
Dear all,
Assume a Debian installation running Dovecot and Postfix. So
Dovecot authenticates users from the data in MySQL. Postfix
authenticates users using Dovecot. Credentials are stored in a
MySQL database in the crypt form (DES).
Disadvantages of crypt are:
- no salt
- password truncation a
4 matches
Mail list logo
