It is a jolly bad idea to use the same password for both email and system access. On TLS+plaintext, if your passwords are slurped by a python script, all accounts are compromised. Congratulations, the NSA will love you. On the other side of the ocean, however, there are European states where you must disclose the fact, or go to jail. (I tried to protect dovecot passwords with bcrypt, but the mail clients refused it.) Sent from ProtonMail Mobile
On 27.03.2017 01:13, Ruga wrote:> It is a jolly bad idea to use the same password for both email and system access. > > On TLS+plaintext, if your passwords are slurped by a python script, all accounts are compromised. Congratulations, the NSA will love you. On the other side of the ocean, however, there are European states where you must disclose the fact, or go to jail. > > (I tried to protect dovecot passwords with bcrypt, but the mail clients refused it.)Uh, what? Mail clients do not see how you are storing passwords locally.> > Sent from ProtonMail MobileAki
Right. But that's what I experienced. The next experiment is sheduled in two weeks... I will keep notes and logs for you. Sent from ProtonMail Mobile On Mon, Mar 27, 2017 at 2:21 PM, Aki Tuomi <aki.tuomi at dovecot.fi> wrote: On 27.03.2017 01:13, Ruga wrote:> It is a jolly bad idea to use the same password for both email and system access. > > On TLS+plaintext, if your passwords are slurped by a python script, all accounts are compromised. Congratulations, the NSA will love you. On the other side of the ocean, however, there are European states where you must disclose the fact, or go to jail. > > (I tried to protect dovecot passwords with bcrypt, but the mail clients refused it.)Uh, what? Mail clients do not see how you are storing passwords locally.> > Sent from ProtonMail MobileAki
This is nonsense. You made a mistake in your configuration. Before you try again next time, you should probably discuss your plan with the list to make sure you're on the right track. Good luck, Doug On 03/26/2017 03:13 PM, Ruga wrote:> (I tried to protect dovecot passwords with bcrypt, but the mail clients refused it.)