On 2025-11-10 06:58, Aki Tuomi via dovecot wrote:
Try adding to the passwd-file
default_password_scheme = crypt
Thanks, this worked, even though I have no idea why.
The documentation states:
https://doc.dovecot.org/2.4.2/core/config/auth/schemes.html#crypt Traditional DES-crypted password
However, my file uses SHA512-CRYPT ($6$), and sha256crypt, and yescrypt. Not sure, if DES-crypted passwords are still in use these days. The last 10 years I have only seen sha512crypt, sha256crypt, bcrypt, and yescrypt. Either way, even though the password is not crypt (56bit DES crypt), authentication still seems to work. Very mysterious.
Somehow the documentation is very confusing. And why for the love of security is PLAIN the default? Nobody in their right mind chooses to store passwords in clear text. In fact, when using PLAIN one should have to set a separate parameter:
i_know_what_i_am_doing = yes or i_know_how_stupid_that_is = yes
Yet, PLAIN is the default? This is also a breaking change and should have been mentioned in BIG FAT LETTERS. As I have pointed out, in 2.3 the file worked without setting any password scheme parameter.
I am genuinely puzzled.
Cheers, K. C.