search for: phpass

...user_pass AS password FROM wp_users WHERE user_email='%u'; user_query = SELECT 501 as uid, 501 as gid,'maildir:storage=51200' as quota FROM wp_users WHERE user_email = '%u' I can see that the query is being procecessed according to the logs. Wordpress and others are using phpass to authenticate (http://www.openwall.com/phpass/), it is basically a salted md5 hash. Basically, after the process, a hash like this is obtained. $P$BiWISc3IsqRHxeEjq4VJP1Vi8gy4mg1 (for test123 password) I would like to know if dovecot would be able to read this, otherwise I could still make a c...

On 10/19/2016 01:54 PM, m.roth at 5-cent.us wrote: > Alice Wonder wrote: >> On 10/19/2016 11:34 AM, Leonard den Ottolander wrote: >>> Hello Gordon, >>> >> *snip* >>> >>> Personally I would be more concerned whether or not to enable ECDSA >>> algorithms (https://blog.cr.yp.to/20140323-ecdsa.html). >>> >> For web server ECDSA

...sory Memorandum 02-15. Because of "interoperability" the use of strong crypto is discouraged. Reminds me of the fact that not so long ago (and quite a while after the algorithm was considered broken) openwall (then org, now com) insisted on standardizing on MD5 for password hashes in phpass "because the algorithm is available on nearly every system." As if catering for the lowest common denominator is good practice when security is a concern. Regards, Leonard. -- mount -t life -o ro /dev/dna /genetic/research