[Dovecot] Storing passwords encrypted... bcrypt?

Willie Gillespie wgillespie+dovecot at es2eng.com
Thu Jan 5 21:22:47 EET 2012


On 01/05/2012 11:36 AM, Charles Marcus wrote:
> On 2012-01-05 11:21 AM, Willie Gillespie <wgillespie at es2eng.com> wrote:
>> If the phone knows the password and I have the phone, then I have the
>> password. Similarly, if I compromise the workstation that knows the
>> password, then I also have the password.
>
> Interesting... I thought they were stored encrypted. I definitely use a
> (strong) Master Password in Thunderbird to protect the passwords, so it
> would take some doing on the workstations.

True.  If you are using a master password, they are encrypted.



More information about the dovecot mailing list