27 Oct
2017
27 Oct
'17
9:44 a.m.
Aki, if I understand it well, salt is useful when database is/was stolen ? Then thief can use eg. rainbow tables to decrypt passwords. Regards, Jack
2017-10-27 7:42 GMT+02:00 Aki Tuomi aki.tuomi@dovecot.fi:
On 27.10.2017 08:37, @lbutlr wrote:
On 25 Oct 2017, at 03:11, Aki Tuomi aki.tuomi@dovecot.fi wrote:
SHA512-CRYPT and PLAIN/LOGIN with SSL. I’m happy with SHA256-CRYPT and PLAIN/LOGIN.
Yes. SHA256-CRYPT is good too. It was just recommendation over using CRAM-MD5, use anything with salt.
Aki