Using SHA256/512 for SQL based password

Yassine Chaouche a.chaouche at algerian-radio.dz
Wed Feb 20 12:09:48 EET 2019


On 2/12/19 5:05 PM, Robert Moskowitz via dovecot wrote:
> I have trying to find how to set the dovecot-sql.conf for using 
> SHA256/512.  I am going to start clean with the stronger format, not 
> migrate from the old MD5.  It seems all I need is:
> [...] default_pass_scheme = SHAxxx-CRYPT [...]

How do your users change their password ?

Here's how I configured my roundcube's password plugin to keep things 
together ($roundcubefolder/plugins/password/config.php)

$config['password_algorithm']        = 'dovecot';

$config['password_algorithm_prefix'] = '{SHA512-CRYPT}';

$config['password_dovecotpw_method'] = 'SHA512-CRYPT';

$config['password_query']            = "UPDATE mail.users SET password=%P WHERE email=%u LIMIT 1";

I left other fields alone.

Yassine.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20190220/29255297/attachment.html>


More information about the dovecot mailing list