similar to: sha-512 ... shadow blended with database

Hello, Thanks for the explanation. So should I go with SSHA512 or SHA512-CRYPT? From your explanation i'm interpreting to mean that SHA512-CRYPT also salts. This is for storing in a mysql database. Also, what should the password field length and type be set for? Currently it's varchar(128) Thanks. Dave. On 4/29/17, Aki Tuomi <aki.tuomi at dovecot.fi> wrote: > >> On April

Hello, I have a few questions on password schemes. Is SHA512 the most secure? Is there a difference between SHA512 and SHA512-CRYPT? What about SSHA512 and SSH512-CRYPT? Is there a problem with this sql statement: UPDATE virtual_users SET password=CONCAT(?{SHA256-CRYPT}?, ENCRYPT (?Password Goes Here?, CONCAT(?$5$?, SUBSTRING(SHA(RAND()), -16)))) WHERE user=?user at example.com?; I'm

The idea of salted hash algorithms is to generate a different hash even if the same text is entered. That can be easily seen with dovecotpw: using NON-salted SHA256, same hash is generated for a given password [root at correio ~]# dovecotpw -s SHA256 -p 123 {SHA256}pmWkWSBCL51Bfkhn79xPuKBKHz//H6B+mY6G9/eieuM= [root at correio ~]# dovecotpw -s SHA256 -p 123

Hello. I'm switching from b1gmail to my own setup which consists of Postfix+Dovecot+MySQL (and maybe VBoxAdm). There are two problems: - b1gmail is using unsalted MD5 hashes. Is there any good way to make my new setup backward compatible? So I don't have to force all of my 50k users to change their password. - How do I change my setup to salted SHA256 (or an even better algorithm). And

Dear all, I send you a new email to know what is the progress of SCRAM-SHA-***(-PLUS) supports? Currently there is only SCRAM-SHA-1: https://doc.dovecot.org/configuration_manual/authentication/password_schemes/. - RFC6331: Moving DIGEST-MD5 to Historic: https://tools.ietf.org/html/rfc6331 - RFC5802: Salted Challenge Response Authentication Mechanism (SCRAM) SASL and GSS-API Mechanisms:

Hello Stephan, Thanks for the link about SCRAM-SHA-256, good news for this point, hope a merge soon :) I am from this page: https://wiki.dovecot.org/Authentication/PasswordSchemes ^^ The -PLUS variant for all SCRAM is not possible too for have (with other SCRAM): SCRAM-SHA-1(-PLUS), SCRAM-SHA-224(-PLUS), SCRAM-SHA-256(-PLUS), SCRAM-SHA-384(-PLUS), SCRAM-SHA-512(-PLUS) Some softwares use

Hello all, I would like to know if it is possible to add SCRAM-SHA-256 and SCRAM-SHA-512 supports? RFC7677: SCRAM-SHA-256 and SCRAM-SHA-256-PLUS: Simple Authentication and Security Layer (SASL) Mechanisms https://tools.ietf.org/html/rfc7677 Thanks in advance. Regards, Neustradamus -------------- next part -------------- An HTML attachment was scrubbed... URL:

This solution is not mine, but its tested and works. Great thanks to my buddy @ four elements Hope its usefull for somebody over here. ================================ mainlocation ================================ %userprofile%\Application data\Mozilla\Profiles\%profile%\%salted%\... %userprofile% = C:\Documents and settings\%username% %profile% = "default" %salted% =

I would go with SHA512-CRYPT, since it is compatible with lots of other things. The field length is static and it contains ascii characters, and it appears to be 118 characters long, but it might be a good idea to use varchar(255) nevertheless, in case you decide to use something else someday. With mysql, you can do mysql> SELECT

> On April 29, 2017 at 4:22 AM David Mehler <dave.mehler at gmail.com> wrote: > > > Hello, > > I have a few questions on password schemes. Is SHA512 the most secure? > Is there a difference between SHA512 and SHA512-CRYPT? What about > SSHA512 and SSH512-CRYPT? > > Is there a problem with this sql statement: > > UPDATE virtual_users SET

Hello, attached is an hg export on top of the current dovecot-2.2 branch, which adds support for a SCRAM-SHA-1 password scheme. Ideally I'd want doveadm pw's rounds flag to apply to this, but that's currently specific to the crypt password scheme, so I left it out for now. Regards, Florian Zeitz -------------- next part -------------- # HG changeset patch # User Florian Zeitz

Hi, I am currently installing doveot as POP and IMAP server, but I a have a few difficulties configuring it correctly. I use postgresql to store the user information. The passwords are stored SHA1 encrypted. Now I have the problem that dovecot isn't accepting the user. In dovecot-pgsql.conf I defined default_pass_scheme = SHA1 I am not quite sure about whether this is corrents, since it

> On 16 December 2018 at 10:27 Tributh via dovecot <dovecot at dovecot.org> wrote: > > > Hi, > is that here the right place to make feature requests? > > dovecot supports as authentication mechanism > SCRAM-SHA-1 from RFC 5802 > which was updated to > SCRAM-SHA-256 in RFC 7677 > > Can SCRAM-SHA-256 be added to the authentication mechanisms? > >

Op 16/12/2018 om 10:06 schreef Tributh via dovecot: > > Am 16.12.18 um 09:42 schrieb Aki Tuomi: >>> On 16 December 2018 at 10:27 Tributh via dovecot <dovecot at dovecot.org> wrote: >>> >>> >>> Hi, >>> is that here the right place to make feature requests? >>> >>> dovecot supports as authentication mechanism >>>

openSUSE 11.0 has glibc 2.8, which supports the SHA-512 method. Fallback to an explicit MD5 for older versions. --- customize/password.ml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/customize/password.ml b/customize/password.ml index 27ced67..258d726 100644 --- a/customize/password.ml +++ b/customize/password.ml @@ -162,6 +162,9 @@ and default_crypto g root = | "ubuntu", v

Hello, I would like to change my courier to dovecot. When I try to setup ldap auth, I get error: dovecot-auth: ldap(martynas): Unknown password scheme SHA So, how enable SHA scheme on dovecot? regards, Martynas

On 29/07/2023 16:47, Reese Wang via samba wrote: > Thanks. I'm wondering if I can avoid storing NT-hash (that unsalted > MD4) of user passwords, and still be able to join a Windows Server > 2022 server to the domain, and authenticate users with samba. > > Maybe I should read some documentation and open another thread. > I take it that by '2022 server', you mean a

Dear all, I use Dovecot SASL (2.1.15) on Ubuntu 12.04 for IMAP authentication and Postfix SASL authentication. I tried to setup SCRAM-SHA-1 as SASL mechanism. This works well on Dovecot's client side towards my OpenLDAP server (with libsasl-2), but fails on the server side (IMAP and SMTP). In the following, there's an extract from Dovecot's log, when using mutt as SMTP client:

Hi I would like to simulate dovecot's dovecotpw with a perl script I tried / used use Crypt::SaltedHash; my $csh = Crypt::SaltedHash->new(algorithm => 'SHA-1'); $csh->add($passwd_string); my $salted = $csh->generate; also use Digest::SHA1; use MIME::Base64; $ctx = Digest::SHA1->new; $ctx->add($passwd_string); $ctx->add('salt'); my $salted =

Hello everyone, I'm trying to make dovecot do user authentication against a SQL database. The passwords (managed by Django) are stored as salted SHA1 encoded in hex. I monkey patched Django's password method so that the password hash is made with <password><salt> (Django does <salt><password>, the patched method was verified to return same value as