[Dovecot] salted passwords
Timo Sirainen
tss at iki.fi
Wed Feb 17 02:05:12 EET 2010
On 15.2.2010, at 19.42, Leonardo Rodrigues wrote:
> from sources on src/auth i can find some interesting informations:
>
> /* format: <SHA1 hash><salt> */
>
> and
>
> #define SSHA256_SALT_LEN 4
>
> so the salt really seems to be 4-byte (which in fact are 8 when watching in hexadecimal), the exact difference on dovecotpw non-salted and salted generated passwords.
The generated SSHA256 passwords have 4 byte salt, but Dovecot supports reading any salt length.
More information about the dovecot
mailing list