similar to: bcypt availability

We still have MD5 as our default password hash, even though known-hash attacks against MD5 are relatively easy these days. We've supported SHA256 and SHA512 for many years now, so how about making SHA512 the default instead of MD5, like on most Linux distributions? Index: etc/login.conf =================================================================== --- etc/login.conf (revision

Thank you for your reply. It's not that simple, though. Just because some core algorithms are standardised and should be compatible doesn't mean their use in different implementations leads to interoperable data. The key point here seems to be that Dovecot just supports SHA-1 with PBKDF2, not SHA-256. So I'm out of luck here. The different formats are no longer relevant then.

Hello, I'm setting up a new server and, again, seek for a decently secure (from a security specialist's POV) way to store and verify user passwords in a database. Additionally now, GDPR requires me to use a solid state-of-the-art solution. My OS is Ubuntu 20.04, Dovecot version 2.3.7, database backend with PostgreSQL 12. Obviously, storing the plaintext password is a terrible idea.

Hi everyone, Was just perusing this article about how trivial it is to decrypt passwords that are stored using most (standard) encryption methods (like MD5), and was wondering - is it possible to use bcrypt with dovecot+postfix+mysql (or posgres)? -- Best regards, Charles

> Password schemes: HMAC-MD5, RPA, SKEY, PLAIN-MD4, LANMAN, NTLM, SMD5 The web is flooded with plain text passwords and hashed passwords harvested from hacked servers. Dovecot stores passwords with the same scheme used for client authentication. Therefore, we use crammd5/hmac-md5. It does not look like much, but is better than plaintext. As md5 is about to go, and I have no intention to

On 2/13/19 1:23 AM, Matthias Fechner via dovecot wrote: > > > Am 13. Februar 2019 00:34:15 schrieb Robert Moskowitz > <rgm at htt-consult.com>: > >> On 2/12/19 6:03 PM, Matthias Fechner via dovecot wrote: >>> Am 12.02.2019 um 17:05 schrieb Robert Moskowitz via dovecot: >>>> I have trying to find how to set the dovecot-sql.conf for using

On 2/13/19 8:30 AM, Aki Tuomi wrote: > On 13.2.2019 15.18, Robert Moskowitz via dovecot wrote: >> >> On 2/13/19 1:23 AM, Matthias Fechner via dovecot wrote: >>> >>> Am 13. Februar 2019 00:34:15 schrieb Robert Moskowitz >>> <rgm at htt-consult.com>: >>> >>>> On 2/12/19 6:03 PM, Matthias Fechner via dovecot wrote:

On 2/19/19 1:50 AM, Aki Tuomi via dovecot wrote: > > > On 17.2.2019 10.46, Aki Tuomi via dovecot wrote: >> >>> On 17 February 2019 at 10:38 Odhiambo Washington via dovecot < >>> dovecot at dovecot.org <mailto:dovecot at dovecot.org>> wrote: >>> >>> >>> On Sun, 17 Feb 2019 at 11:34, Marc Weustink via dovecot < >>>

reg2mem does not eliminate phi nodes the way codegen does, it just converts ssa values to non-ssa values. It's not the same thing. On Tue, Apr 21, 2015 at 10:14 PM, Eric Lu <eirc.lew at gmail.com> wrote: > By the way. When I remove these phi nodes with -reg2mem, some new load > operations will be inserted, but when I try cache load operations with: > visitFunction >

Hi, Daniel I want to profile load/store operations, in order to reduce the overhead of profiling, I try to instrument the optimized llvm ir, which has phi nodes. BTW, when the value of some load/store operations may have multi-source, then the load will be translated into phi nodes, and all phi nodes are placed in the front of BB. Sometimes, the position is not where the load happens, is there

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> <br> </div> <blockquote type="cite"> <div> On 17 February 2019 at 10:38 Odhiambo Washington via dovecot < <a href="mailto:dovecot@dovecot.org">dovecot@dovecot.org</a>> wrote:

Best Regards! Eric Lew On 周三, 4月 22, 2015 at 12:11 下午, David Blaikie < dblaikie at gmail.com [dblaikie at gmail.com] > wrote: On Tue, Apr 21, 2015 at 8:34 PM, Eric Lu <eirc.lew at gmail.com> wrote: > Hi, all > > I want to instrument load/store operations in LLVM IR. And I find the LLVM > IR generated with flag -o3 is much more efficient than -o0, so I try to >

Hi, Thank you very much for creating and maintaining dovecot! In my scenario, I want to use the password hash algorithms provided by libsodium: https://download.libsodium.org/doc/ So my difficulty is to have dovecot support libsodium's hash algorithms, particularly: crypto_pwhash_scryptsalsa208sha256_str On the sodium maillinglist I asked for help and received an adjusted dovecot code,

1) Build clang with GCC-4.9.2, when compling other application s with clang/clang++, the default linker is ld, can I replace it with other linker tool， if we can, how to do it? I.E. can we use collect2 instead? 2) how to specify the path, if we do not use the default vertion GCC? Best Regards! Eric Lew -------------- next part -------------- An HTML attachment was scrubbed... URL:

Jean-Daniel Dupas via dovecot wrote: > > >> Le 13 f?vr. 2019 ? 14:54, Robert Moskowitz via dovecot >> <dovecot at dovecot.org <mailto:dovecot at dovecot.org>> a ?crit : >> >> >> >> On 2/13/19 8:30 AM, Aki Tuomi wrote: >>> On 13.2.2019 15.18, Robert Moskowitz via dovecot wrote: >>>> >>>> On 2/13/19 1:23 AM,

I've got a problem with some idiots of my users :=). They always use weak passwords. Does anyone know a way to find out which passwords are easy to crack? I mean usual passwords like god, sex, password, $username, .... I use tdb as password database. thank you, livius

Hi, all When compiling a program with -g -O0, and if we have a PC, then with addr2line, we can get the line number of the instruction. My quesions are: what is the result of Phi node instruction, can we get the similar results ? -- Best Regards! Eric Lew -------------- next part -------------- An HTML attachment was scrubbed... URL:

Hi all, I'm currently migrating from tdbsam to LDAP and want to restructure my setup at the same time. I can get the SIDs for the user and machine accounts using pdbedit -Lv | grep SID but I have 800 users so I don't want to reset their passwords. So far, I've dumped the contents of the tdbsam database into an smbpasswd backup file and am running john-the-ripper across it.

On 2/13/19 8:30 AM, Aki Tuomi wrote: > On 13.2.2019 15.18, Robert Moskowitz via dovecot wrote: >> >> On 2/13/19 1:23 AM, Matthias Fechner via dovecot wrote: >>> >>> Am 13. Februar 2019 00:34:15 schrieb Robert Moskowitz >>> <rgm at htt-consult.com>: >>> >>>> On 2/12/19 6:03 PM, Matthias Fechner via dovecot wrote:

Hi, all I want to instrument load/store operations in LLVM IR. And I find the LLVM IR generated with flag -o3 is much more efficient than -o0, so I try to instrument on these optimized LLVM IR, but, some load operations are changed to Phi loads. Then, I try the -reg2mem flag to remove these phi nodes. The problems are: 1) I use visitLoadInst to collect these load operations, and it seems I