From: "Felix Schwarz" Felix.Schwarz@web.de
After reading some documentation I think that I'll have to store the passwords as plain text in the authdb. That is something I dislike very much as it is a (imho) good tradition for unix to store only encrypted passwords for security reasons.
I would like to see the possibility in dovecot to store the passwords for plain text authentication md5 encrypted. That should be easy to implement (just one md5 encryption before comparing the given password with the stored one) and could improve security.
I understand the reasoning for this desire, but you might want to reconsider. In the long term, it could actually result in less security.
The problem is that many secure authentication methods, especially any that are challenge-response based, can only work if the server has access to the plain-text of the password. So if you start down the road of hashed passwords now to support plain text authentication, it will be impractical for you to implement additional forms of authentication later. Not just for IMAP, but also if you reuse your password store for additional services like SMTP authentication.
With the relative ease these days of brute-forcing MD5 sums, you might just be fooling yourself with this approach and it might be more worth focusing efforts on making sure your password store is secure. The main reason that Unix systems traditionally store hashed passwords is because the password file was traditionally world-readable. With improvements in computational power, it was realized that the security of hashes is not really good enough and so Unix systems have gone to shadowing the passwords in a file that is not world-readable. That's most of what really makes the passwords secure now, not the hash.
As a compromise, you might consider using a reversible encryption algorithm rather than a hash. That way someone would need to compromise both the database and your configuration file that contains the key to get a password. If you use a database like MySQL as your password store you can do this transparently to the application by doing the decryption using SQL functions. Take a look at some of the user comments at: http://dev.mysql.com/doc/mysql/en/Encryption_functions.html
Just a few things to think about.
David
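The trade-off the two messages above argue over can be shown in a few lines. The following is an added illustration, not code from either poster or from Dovecot: it stores the MD5 of a constructed sample password as Felix proposes, shows that a PLAIN login can still be verified against that hash, and then shows why a challenge-response mechanism (CRAM-MD5 here, which keys an HMAC-MD5 with the password) cannot be verified unless the server holds the plaintext. The user name, password and challenge string are constructed for the example.

```python
import hashlib
import hmac

# Constructed sample account; the password is the secret the client knows.
USER = "felix"
PASSWORD = "correct horse"


def hashed_store(password: str) -> str:
    """What the authdb would hold under Felix's proposal: only MD5(password)."""
    return hashlib.md5(password.encode()).hexdigest()


def verify_plain_against_hash(stored_hash: str, given_password: str) -> bool:
    """PLAIN / LOGIN authentication.

    The server receives the password itself, so it can hash the submitted
    value and compare it with the stored hash. A hashed store is sufficient.
    """
    given_hash = hashlib.md5(given_password.encode()).hexdigest()
    return hmac.compare_digest(stored_hash, given_hash)


def cram_md5_client_response(password: str, challenge: bytes) -> str:
    """What a CRAM-MD5 client sends back: HMAC-MD5 keyed with the plaintext password."""
    return hmac.new(password.encode(), challenge, hashlib.md5).hexdigest()


def verify_cram_md5(stored_secret: str, challenge: bytes, response: str) -> bool:
    """Server side of CRAM-MD5.

    The server never sees the password on the wire; it can only recompute the
    HMAC with whatever secret it has on file. If that secret is MD5(password)
    rather than the password, the recomputed value will not match.
    """
    expected = hmac.new(stored_secret.encode(), challenge, hashlib.md5).hexdigest()
    return hmac.compare_digest(expected, response)


def demo() -> dict:
    """Run both mechanisms against a hashed store and against the plaintext."""
    challenge = b"<1896.697170952@postoffice.example>"  # constructed challenge
    stored_hash = hashed_store(PASSWORD)
    response = cram_md5_client_response(PASSWORD, challenge)
    return {
        "plain_ok_with_hash": verify_plain_against_hash(stored_hash, PASSWORD),
        "plain_rejects_wrong": verify_plain_against_hash(stored_hash, "wrong"),
        "cram_ok_with_plaintext": verify_cram_md5(PASSWORD, challenge, response),
        "cram_fails_with_hash": verify_cram_md5(stored_hash, challenge, response),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The last entry is the point David makes: once the store holds only a hash, CRAM-MD5 (and any other mechanism that proves knowledge of the password without transmitting it) can no longer be verified, which is why hashing the store now closes off those options later.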