Multiple passwords with sql authentication

BlackVoid blackvoid+dovecot at
Mon Jul 28 22:12:37 UTC 2014

On 2014-07-28 16:51, Timo Sirainen wrote:
> On 23 Jul 2014, at 18:49, BlackVoid <blackvoid+dovecot at> wrote:
>> I'm currently working on a control panel which is using postfix, dovecot
>> and other applications and I want to add application specific passwords
>> to increase security.
>> I found one solution [1], however it requires the password to be
>> included in the query which is something I do not want to do, because
>> the query may be written in clear-text to log-files. So I'm wondering if
>> there is a way to have multiple passwords with dovecot without risking
>> passwords being leakied in clear-text to log-files.
> There's an old patch to support this, but it was never finished:
> I had a newer idea about encoding the passwords into a single field, such as {MULTI}hash1:hash2:hash3 but that doesn't exist either yet.
> For now the only possibility would be to create multiple passdbs, each one returning a different password field. That could work if you have only a couple of different passwords.

Well that's unfortunate. Looks like I have to scrap the idea until
either the old patch or your idea is implemented. I don't think having
multiple passdbs is a choice, because the amount of application specific
passwords a user can have is not finite.

Thanks for the help though.

More information about the dovecot mailing list