Support for multiple passwords?
Conrad Kostecki
ck+dovecot at bl4ckb0x.de
Wed Mar 18 19:56:57 UTC 2015
Am 2015-03-18 20:46, schrieb Reindl Harald:
> Am 18.03.2015 um 20:40 schrieb Conrad Kostecki:
>> Hi!
>> Currently, the passwords are stored in plaintext for my dovecot, as I
>> am
>> still using cram-md5 AND digest-md5.
>> I have still to offer that, as I have some deprecated clients,
>> therefore, I am unable to hash at least those passwords for that
>> accounts.
>>
>> I've found on the Wiki:
>>> In future it's possible that Dovecot could support multiple passwords
>>> in different schemes for a single user.
>>
>> Is there any news about this? Are there still any plans to support
>> this
>> maybe in future?
>> For my understanding, that would solve my problem, that I could define
>> a
>> password in both schemes (cram and digest) and don't have to use
>> plaintext password?
>
> if you would read http://en.wikipedia.org/wiki/CRAM-MD5 and understand
> how CRAM-MD5 works you would know that you just can't store cram
> because the whole purpose is that it changes all the time
Maybe I am totally wrong,
but according to the Wiki, if I would be use using CRAM-MD5 without
DIGEST-MD5, the password could be stored not in plain text but instead
in a cram-md5 scheme?
At least, that had worked for me in a test setup. But I will have a
look.
> http://wiki.dovecot.org/Authentication/PasswordSchemes
> For example if you're going to use CRAM-MD5 authentication, the
> password needs to be stored in either PLAIN or CRAM-MD5 scheme.
Cheers
Conrad
More information about the dovecot
mailing list