Using SHA256/512 for SQL based password
Matthias Fechner
idefix at fechner.net
Wed Feb 13 08:23:01 EET 2019
Am 13. Februar 2019 00:34:15 schrieb Robert Moskowitz <rgm at htt-consult.com>:
> On 2/12/19 6:03 PM, Matthias Fechner via dovecot wrote:
>> Am 12.02.2019 um 17:05 schrieb Robert Moskowitz via dovecot:
>>> I have trying to find how to set the dovecot-sql.conf for using
>>> SHA256/512. I am going to start clean with the stronger format, not
>>> migrate from the old MD5. It seems all I need is:
>> you maybe would like to have a look to the hashing algo ARGON2I which is
>> currently recommended for new developments and deployments.
>
> Recommended by whom?
>
> Can you provide a link?
Sure, please see here:
https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
>
>
> And if I was adventurous about hashes, I would be looking more at Keccak.
>
>
> Check out my Internet Draft:
>
>
> draft-moskowitz-small-crypto-00.txt
Thanks for the tip, will have a look for into it.
Gruß
Matthias
More information about the dovecot
mailing list