[Dovecot] Storing passwords encrypted... bcrypt?

Pascal Volk user+dovecot at localhost.localdomain.org
Fri Jan 6 00:28:27 EET 2012


On 01/05/2012 12:31 PM Charles Marcus wrote:
>> You said above that 'yes, I can use it with dovecot' - but what about 
> postfix and mysql... where/how do they fit into this mix? My thought was 
> that there are two issues here:
> 
> 1. Storing them in bcrypted form, and

For MySQL the bcrypted password is just a varchar.

> 2. The clients must support *decrypting* them...

Sorry, i don't know if clients need to know anything about the used
password scheme. The used password scheme is mostly relevant for
Dovecot. Don't mix password scheme and authentication scheme.

> So, since I use postfixadmin, I'm guessing that for #1, it will have to 
> support encrypting them in bcrypt form, and then I have to worry about 
> dovecot - and since I'm planning on using postfix+dovecot-sasl, once 
> dovecot supports it, postfix will too...
> 
> Is that about right?

I think that's correct. Postfix uses Dovecot for the authentication stuff.
If I'm wrong, please let me know it.


Regards,
Pascal
-- 
The trapper recommends today: c01dcafe.1200523 at localdomain.org



More information about the dovecot mailing list