[Dovecot] Storing passwords encrypted... bcrypt?
Noel Butler
noel.butler at ausics.net
Thu Jan 5 03:59:12 EET 2012
On Tue, 2012-01-03 at 20:58 -0500, Michael Orlitzky wrote:
> To prevent rainbow table attacks, salt your passwords. You can make them
> a little bit more difficult in plenty of ways, but salt is the /solution/.
Agreed...
We use Crypt::PasswdMD5 -
unix_md5_crypt() for all general password storage including mail/ftp
etc, except for web, where we need to use apache_md5_crypt().
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120105/fd5d9569/attachment-0004.bin>
More information about the dovecot
mailing list