search for: convertpasswordschem

...pression algorithm For the authentication drivers that are being removed, we suggest using Lua as a replacement. See https://doc.dovecot.org/configuration_manual/authentication/lua_based_authentication/ For information about converting between password schemes, see https://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes If you are using any of these features, please start preparing for their removal in the near future. Features will begin to be dropped as of v2.3.11. Additionally, the mbox format will no longer receive new development. It will still be maintained, however its use beyond migrations and other li...

...pression algorithm For the authentication drivers that are being removed, we suggest using Lua as a replacement. See https://doc.dovecot.org/configuration_manual/authentication/lua_based_authentication/ For information about converting between password schemes, see https://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes If you are using any of these features, please start preparing for their removal in the near future. Features will begin to be dropped as of v2.3.11. Additionally, the mbox format will no longer receive new development. It will still be maintained, however its use beyond migrations and other li...

dovecot is setup on a system with MD5-CRYPT password scheme for all users, and I would like to update this to something that is secure, probably SSHA256-CRYPT, but I want to do this seamlessly without the users having to jump through any hoops. The users are in mySQL (managed via postfixadmin) and the mailbox record simply stores the hash in the password field. Users access their accounts though

...i, i am running dovecot 2.0.11 (with mysql backend) and until now using PLAIN-MD5 as pass default_pass_scheme everything was working fine. However i wanted to change the pass_scheme to something stronger than plain-md5, so i started by reading the wiki. I found this: http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes But when i comment out "default_pass_scheme" and i create the pass with the {SHA256.hex} prefix i see this in the logs: auth: Error: sql(xxx at xxxxxx.com,10.21.1.1): Password in passdb is not in expected scheme SHA256.hex I tried with several algorithms, but it seems to be something...

Is it possible to save user passwords as clear text through dovecot? I am currently using MD5 passwords and I allow only "plain and login? mechanisms but I want to switch my database to clear text as this will give me the ability to use more mechanisms such as CRAM-MD5. Is this possible? Thank you

Hello, world! I have a long-running Dovecot & Postfix installation using PostgreSQL back-end. Until now I've been using MD5 hashing but would like to "upgrade" to the salted SSHA512. Is there a way to configure Dovecot so that it would automatically detect the type of the hash stored in the database, so that users who have changed their password (and thus being hashed with

...tion_manual/authentication/lua_based_authentication/</a> </div> <div> <br> </div> <div> For information about converting between password schemes, see </div> <div> <a href="https://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes" rel="noopener" target="_blank">https://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes</a> </div> <div> <br> </div> <div> If you are using any of these features, please start preparing for their removal in t...

.... For the authentication drivers, you can use passwd, pam and Lua as replacements for most of them. Lua in particular allows good integration with just about any external system. VPopmail can be replaced with SQL authentication. For password schemes, we have guide: https://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes Memcached should be replaced with redis. The expire, autocreate and autosubscribe plugins can be replaced with namespace settings: namespace { mailbox Name { auto = create or subscribe autoexpunge = value } } See the mailbox configuration documentation at...

...> >> And, while I am here, is it worthwhile to set the -r flag to a large number (like something over 100,000 which sets takes about 0.25 seconds to do on my machine)? >> > Hi, > > you can convert password scheme during the login: > > http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes Thanks, I started to look into that and got stopped no the first step > userdb { > driver = prefetch > } If I set that and reload dovecot users cannot login. dovecot: auth: Fatal: userdb prefetch: No args are supported: /etc/dovecot/dovecot-sql.conf.ext dovecot: master: Error: ser...

Good Day, I have been following this tutorial without much luck - http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes#CA-26af2b83a43b8100522c57565773f605c21f2f27_1 It is obvious to me that I am not following the instructions correctly and need to be shown what I am misunderstanding. I have an old postfix + dovecot + Roundcube mailserver (mail.domain.Tld). Server clock is loosing time and adjusting it causes...

Thank you for your reply. It's not that simple, though. Just because some core algorithms are standardised and should be compatible doesn't mean their use in different implementations leads to interoperable data. The key point here seems to be that Dovecot just supports SHA-1 with PBKDF2, not SHA-256. So I'm out of luck here. The different formats are no longer relevant then.

...s, Carl A Jeptha On 2016-04-29 15:02, Steffen Kaiser wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Fri, 29 Apr 2016, Carl A Jeptha wrote: > >> Good Day, >> I have been following this tutorial without much luck - >> http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes#CA-26af2b83a43b8100522c57565773f605c21f2f27_1 >> >> It is obvious to me that I am not following the instructions >> correctly and need to be shown what I am misunderstanding. >> >> I have an old postfix + dovecot + Roundcube mailserver >> (mail.domain.Tld). S...

...while to set the -r flag to a large number (like something over 100,000 which sets takes about 0.25 seconds to do on my machine)? >>>> >>> Hi, >>> >>> you can convert password scheme during the login: >>> >>> http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes >> >> Thanks, I started to look into that and got stopped no the first step >> >>> userdb { >>> driver = prefetch >>> } >> >> If I set that and reload dovecot users cannot login. >> >> dovecot: auth: Fatal: userdb prefetch:...

...lly > detect the type of the hash stored in the database, so that users who > have changed their password (and thus being hashed with SHA512) and > users still having an MD5 hash would both be able to authenticate at > the same time? Have a read of this: http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes

...r choose a new one) is acceptable. > > And, while I am here, is it worthwhile to set the -r flag to a large number (like something over 100,000 which sets takes about 0.25 seconds to do on my machine)? > Hi, you can convert password scheme during the login: http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes Ciao -- Alessio Cecchi Postmaster @ http://www.qboxmail.it https://www.linkedin.com/in/alessice

...For the authentication drivers that are being removed, we suggest using Lua as a replacement. See > https://doc.dovecot.org/configuration_manual/authentication/lua_based_authentication/ > > For information about converting between password schemes, see > https://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes > > If you are using any of these features, please start preparing for their removal in the near > future. Features will begin to be dropped as of v2.3.11. > > Additionally, the mbox format will no longer receive new development. It will still be > maintained, however its use...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi everyone, I want to use dovecot as a IMAP and POP3 proxy in front of our current E-Mail hosting server to log the plain text passwords of all successful logins for migration reasons. Actually I don't need the password to see in plain text, storing them as SHA256-CRYPT (or something dovecot can use later for auth) hash in a file or DB would be

In case you are interested, https://wiki.dovecot.org/HowTo/ConvertPasswordSchemes By the way, I am bit sceptical that CRYPT-SHA512 is less secure than PBKDF2. CRYPT-SHA512 is not "just" SHA512(salt||password), it does at least 1000 rounds of hashing in similar way as PBKDF2 does. So, what is your reasoning for claiming that PBKDF2 is much secure than CRYPT-SHA512?...

...uggest >>> using Lua as a replacement. See >>> https://doc.dovecot.org/configuration_manual/authentication/lua_based_authentication/ >>> >>> >>> For information about converting between password schemes, see >>> https://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes >>> >>> If you are using any of these features, please start preparing for >>> their removal in the near >>> future. Features will begin to be dropped as of v2.3.11. >>> >>> Additionally, the mbox format will no longer receive new development...

...lag to a large number (like something over 100,000 which sets takes about 0.25 seconds to do on my machine)? >>>>> >>>> Hi, >>>> >>>> you can convert password scheme during the login: >>>> >>>> http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes >>> >>> Thanks, I started to look into that and got stopped no the first step >>> >>>> userdb { >>>> driver = prefetch >>>> } >>> >>> If I set that and reload dovecot users cannot login. >>> >>> do...