Felix Schwarz
2004-Jul-23 10:06 UTC
[Dovecot] RFE: MD5 encryption with for plain text passwords
Hi, due to compatibility issues with mail clients I think I have to use plain text authentication. In order to secure the passwords during their transport I'll use SSL encryption. After reading some documentation I think that I'll have to store the passwords as plain text in the authdb. That is something I dislike very much as it is a (imho) good tradition for unix to store only encrypted passwords for security reasons. I would like to see the possibility in dovecot to store the passwords for plain text authentication md5 encrypted. That should be easy to implement (just one md5 encryption before comparing the given password with the stored one) and could improve security. As this would be an api change it should be made configurable (and in the first versions this setting should default to the actual behavior). How do you like this idea? Maybe I can provide a patch but I won't work on this if you won't include it within dovecot at all. And last but not least I want to thank you for your great support! I really appreciate it! :-) -- Felix
Joshua Goodall
2004-Jul-23 11:20 UTC
[Dovecot] RFE: MD5 encryption with for plain text passwords
On Fri, Jul 23, 2004 at 12:06:00PM +0200, Felix Schwarz wrote:> I would like to see the possibility in dovecot to store the passwords > for plain text authentication md5 encrypted.You can already do this, e.g. using passwd-file with the modular crypt formats, or {SCHEME}password. See auth.txt for more information. Joshua. -- Joshua Goodall "as modern as tomorrow afternoon" joshua at roughtrade.net - FW109 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20040723/4f084e10/attachment-0001.bin>
David S. Madole
2004-Jul-23 12:21 UTC
[Dovecot] RFE: MD5 encryption with for plain text passwords
> From: "Felix Schwarz" <Felix.Schwarz at web.de> > > After reading some documentation I think that I'll have to store the > passwords as plain text in the authdb. That is something I dislike > very much as it is a (imho) good tradition for unix to store only > encrypted passwords for security reasons. > > I would like to see the possibility in dovecot to store the passwords > for plain text authentication md5 encrypted. That should be easy to > implement (just one md5 encryption before comparing the given password > with the stored one) and could improve security.I understand the reasoning for this desire, but you might want to reconsider. In the long term, it could actually result in less security. The problem is that many secure authentication methods, especially any that are challenge-response based, can only work if the server has access to the plain-text of the password. So if you start down the road of hashed passwords now to support plain text authentication, it will be impractical for you to implement additional forms of authentication later. Not just for IMAP, but also if you reuse your password store for additional services like SMTP authentication. With the relative ease these days of brute-forcing MD5 sums, you might just be fooling yourself with this approach and it might be more worth focusing efforts on making sure your password store is secure. The main reason that Unix systems traditionally store hashed passwords it's because the password file was traditionally world-readable. With improvements in computational power, it was realized that the security of hashes is not really good enough and so Unix systems have gone to shadowing the passwords in a file that is not world-readable. That's most of what really makes the passwords secure now, not the hash. As a compromise, you might consider using a reversable encryption algorithm rather than a hash. That way someone would need to compromise both the database and your configuration file that contains the key to get a password. If you use a database like MySQL as your password store you can do this transparently to the application by doing the decryption using SQL functions. Take a look at some of the user comments at: http://dev.mysql.com/doc/mysql/en/Encryption_functions.html Just a few things to think about. David