17 May
2010
17 May
'10
8:38 p.m.
Manao ahoana, Hello, Bonjour, I've read: http://wiki.dovecot.org/Authentication/PasswordSchemes
I have a users database with clear plain passwords. Dovecot authenticates users without problems against it.
Now, it's time to move to CRYPT scheme.
Before that, I would like to know how things happen.
He have:
- the user, (entering his password in the MUA)
- the user's MUA (Thunderbird, Outlook, Squirrelmail,...)
- the POP or IMAP server
- the users database (mySQL) with username and crypt()'d password
How I think the process is:
- the user enters his password in a clear way.
- the MUA sends the password as the user entered it to the POP or IMAP server
- the POP or IMAP server fetches the password from the database
- the POP or IMAP server crypt()'s the user entered password
- the POP or IMAP server compares crypt()'d ones and gives his response
Am I close enough to reality? Too far?
Misaotra, Thanks, Merci.
-- Architecte Informatique chez Blueline/Gulfsat: Administration Systeme, Recherche & Developpement +261 3456 000 19