[Dovecot] Password authentication and character set

Geert Hendrickx ghen at telenet.be
Wed Nov 19 10:27:21 EET 2008


On Wed, Nov 19, 2008 at 08:44:21AM +0200, Fredrik Grönqvist wrote:
> Yes, I agree that it should be in UTF-8. My specific problem is that about
> 80% (a rough estimate) of our users are on either Windows or webmail. Those
> having passwords containing umlauts etc can log on, using their current
> client, if the passwords are kept ISO-8859-1 encoded instead of UTF-8.
> 
> As Timo pointed out, the options to "fix" this on the server side are
> currently quite limited, so it seems I have to stick to the lowest common
> denominator in our password policy.


If you only have to support two or three different charsets, I think you could
use a clever MySQL passdb query to match either of them.

Have a look at http://wiki.dovecot.org/AuthDatabase/SQL under "Password
verification by SQL server", and expand the password match to something like
(passwd = PASSWORD('%w') OR passwd = PASSWORD(CONVERT(_latin1'%w' USING utf8)))
assuming you store the passwords as UTF-8 and assume the input is either UTF-8
or ISO-8859-1.

	Geert



More information about the dovecot mailing list