[Dovecot] bcypt availability

Ed W lists at wildgooses.com
Sun Jul 15 12:14:21 EEST 2012

> On 7/12/12, Nick Edwards <nick.z.edwards at gmail.com> wrote:
>> Dear Timo,
>> Do you intend to introduce bcrypt into the built in password schemes?
>> In lew of all these hacks lately many larger companies appear moving
>> this way, we are looking at it too, but dovecot will then be the
>> weakest link in the database security.
>> So, are you planning on this and if so what sort of timeframe /
>> version would you expect it to be in beta ?
>> Nik

Interestingly, there doesn't seem to be so much difference between 
iterated sha-512 (sha512crypt) and bcrypt.  Based on looking at latest 
john the ripper results (although I'm a bit confused because they don't 
seem to quote the baseline results using the normal default number of 

So I think right now, many/most modern glibc are shipping with 
sha256/512crypt implementations (recently uclibc also added this). A 
small number ship with bcrypt (I have a patch for uclibc), which would 
mean that dovecot supported bcrypt out of the box.

For everything else I guess you want a small application and use the 
checkpass dovecot method to do external checking?  You could for example 
implement scrypt checking this way (although I think there is a risk of 
running out of server ram if you have many simultaneous logins..?)

I previously thought I wanted bcrypt, but after some consideration I 
believe sha256/512crypt is likely sufficient for reasonable security


Ed W

More information about the dovecot mailing list