[Dovecot] bcypt availability
Noel Butler
noel.butler at ausics.net
Mon Jul 16 13:05:09 EEST 2012
On Sun, 2012-07-15 at 11:32 -0700, Robin wrote:
> Indeed. What I have seen is a create deal of variation in the
> configuration (/etc/login.defs or your distro's equivalent) in terms of
> making use of such things.
>
> I don't see any added value to bcrypt over iterated SHA-512, really, and
bcrypt and scrypt are password hash's - they are designed to be slow
md5/sha/sha2 are cryptographic hash's - they are designed to be fast
However, if you keep your database secure, yes, this means using
competent coders, then it matters little what method you use.
Of course if you allow system access to users, the strongest is better
than nothing.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120716/279e2f01/attachment-0004.bin>
More information about the dovecot
mailing list