[Dovecot] Storing passwords encrypted... bcrypt?

WJCarpenter bill-dovecot at carpenter.org
Wed Jan 4 05:07:47 EET 2012


On 1/3/2012 5:25 PM, Charles Marcus wrote:
> I think ya'll are missing the point... not sure, because I'm still not 
> completely sure that this is saying what I think it is saying (that's 
> why I asked)...

I'm sure I'm not missing the point.  My comment was that password length 
and complexity are probably more important than bcrypt versus sha1, and 
you've already addressed those.  Given that you use strong 15-character 
passwords, pretty much all hash functions are already out of reach for 
brute force.  bcrypt is probably better in the same sense that it's 
harder to drive a car to Saturn than it is to drive to Mars.




More information about the dovecot mailing list