[Dovecot] Storing passwords encrypted... bcrypt?

Pascal Volk user+dovecot at localhost.localdomain.org
Thu Jan 5 03:19:37 EET 2012


On 01/03/2012 09:40 PM Charles Marcus wrote:
> Hi everyone,
> 
> Was just perusing this article about how trivial it is to decrypt 
> passwords that are stored using most (standard) encryption methods (like 
> MD5), and was wondering - is it possible to use bcrypt with 
> dovecot+postfix+mysql (or posgres)?

Yes it is possible to use bcrypt with dovecot. Currently you have only
to write your password scheme plugin. The bcrypt algorithm is described
at http://en.wikipedia.org/wiki/Bcrypt.

If you are using Dovecot >= 2.0 'doveadm pw' supports the schemes:
    *BSD:                     Blowfish-Crypt
    *Linux (since glibc 2.7): SHA-256-Crypt and SHA-512-Crypt
	Some distributions have also added support for Blowfish-Crypt
See also: doveadm-pw(1)

If you are using Dovecot < 2.0 you can also use any of the algorithms
supported by your system's libc. But then you have to prefix the hashes
with {CRYPT} - not {{BLF,SHA256,SHA512}-CRYPT}.


Regards,
Pascal
-- 
The trapper recommends today: deadbeef.1200501 at localdomain.org



More information about the dovecot mailing list