We have a plethora of accounts for which we would like to enable CRAM-MD5 but their passwords are stored as MD5 hashes. Is there anything we can do? Can we take a linux MD5 hashed password (e.g. $1$fac330ee$wd6Tll...) and convert it to dovecot's CRAM-MD5 format (e.g. {CRAM-MD5}b3f297...)? Thanks!
On Tue, 2010-09-21 at 11:24 -0700, David Jonas wrote:> We have a plethora of accounts for which we would like to enable > CRAM-MD5 but their passwords are stored as MD5 hashes. Is there anything > we can do? Can we take a linux MD5 hashed password (e.g. > $1$fac330ee$wd6Tll...) and convert it to dovecot's CRAM-MD5 format (e.g. > {CRAM-MD5}b3f297...)?a) Crack the password with brute force. Probably won't be highly successful. b) The plaintext password is known while user logs in. Save it as CRAM-MD5 at that time.
Possibly Parallel Threads
- dovecot.conf: mechanisms = plain login cram-md5 | Windows Live Mail: CRAM-MD5 authentication failed. This could (NOT) be due to a lack of memory on your system
- dsync: Invalid mailbox first_recent_uid
- Requested CRAM-MD5 scheme, but we have only MD5-CRYPT
- CRAM-MD5 authentication but plain-md5 password storage.
- Using real windows drive