[Dovecot] Any way to test a master user's password?

Nigel Smith gb10hkzo-dovecot at yahoo.co.uk
Fri Aug 16 17:01:39 EEST 2013


Google the terms "Dictionary Attack" and "Rainbow Table"  perhaps ?  ;-)


________________________________
 From: Axel Luttgens <AxelLuttgens at swing.be>
To: Dovecot Mailing List <dovecot at dovecot.org> 
Sent: Friday, 16 August 2013, 13:55
Subject: [Dovecot] Any way to test a master user's password?
 

Hello,

Is there any way to easily check a master user's password, for itself, without having to refer to another user or to weak the security by allowing master users to log in for themselves?

For example, this works:

    # doveadm auth test 'someuser*masteruser'
    Password: <enter master user's password here>
    passdb: someuser*masteruser auth succeeded

but depends on the existence of another user, and is thus contingent and unnecessarily heavy.

TIA,
Axel


More information about the dovecot mailing list