[Dovecot] Authentication mechanism and Password scheme
Timo Sirainen
tss at iki.fi
Tue Apr 10 21:21:25 EEST 2012
On 10.4.2012, at 19.35, Ed W wrote:
> Does dovecot 2.0 also support SCRAM-SHA?
v2.1 does.
> I only mention because it's come up on my radar recently and as I understand it, it solves the issue of either having
> - plain text db of passwords, encrypted login
> - encrypted db of passwords, plaintext login
>
> With SCRAM you have both sides "encrypted".
The same way as with DIGEST-MD5 and several others. Each mechanism requires that the server-side password is saved using a hash specific to that auth mechanism, none of them support generic MD5/SHA/etc hashes or other mechanisms' hashes. Looks like Dovecot's current SCRAM-SHA1 supports only plaintext passwords, but it would be possible to add SCRAM-SHA1 password scheme similar to others.
More information about the dovecot
mailing list