similar to: Support for Argon2 for password hashing

The version of libsodium in EPEL supports argon2 For php you can build the libsodium extension. Also php 7.2+ builds that extension if you specify it build time using --with-sodium=shared switch. For dovecot you have to build it against sodium which means building your own packages but it works. At least with modern upstream dovecot. On 2/13/19 5:18 AM, Robert Moskowitz wrote: > Is there

I am using a FreeBSD 11-2 amd/64 system with dovecot version 2.3.4 installed. I was playing around with different encryption schemes. doveadm pw -l SHA1 SSHA512 BLF-CRYPT PLAIN HMAC-MD5 OTP SHA512 SHA RPA DES-CRYPT CRYPT SSHA MD5-CRYPT SKEY PLAIN-MD4 PLAIN-MD5 SCRAM-SHA-1 LANMAN SHA512-CRYPT CLEAR CLEARTEXT SSHA256 NTLM MD5 PBKDF2 SHA256 CRAM-MD5 PLAIN-TRUNC SHA256-CRYPT SMD5 DIGEST-MD5

On 12/4/18, 1:14 AM, "dovecot on behalf of Aki Tuomi" <dovecot-bounces at dovecot.org on behalf of aki.tuomi at open-xchange.com> wrote: On 3.12.2018 22.24, Jerry wrote: > I am using a FreeBSD 11-2 amd/64 system with dovecot version 2.3.4 installed. > I was playing around with different encryption schemes. > > doveadm pw -l > SHA1

Hi, Thank you very much for creating and maintaining dovecot! In my scenario, I want to use the password hash algorithms provided by libsodium: https://download.libsodium.org/doc/ So my difficulty is to have dovecot support libsodium's hash algorithms, particularly: crypto_pwhash_scryptsalsa208sha256_str On the sodium maillinglist I asked for help and received an adjusted dovecot code,

On 2/19/19 1:50 AM, Aki Tuomi via dovecot wrote: > > > On 17.2.2019 10.46, Aki Tuomi via dovecot wrote: >> >>> On 17 February 2019 at 10:38 Odhiambo Washington via dovecot < >>> dovecot at dovecot.org <mailto:dovecot at dovecot.org>> wrote: >>> >>> >>> On Sun, 17 Feb 2019 at 11:34, Marc Weustink via dovecot < >>>

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> <br> </div> <blockquote type="cite"> <div> On 17 February 2019 at 10:38 Odhiambo Washington via dovecot < <a href="mailto:dovecot@dovecot.org">dovecot@dovecot.org</a>> wrote:

Thank you for your reply. It's not that simple, though. Just because some core algorithms are standardised and should be compatible doesn't mean their use in different implementations leads to interoperable data. The key point here seems to be that Dovecot just supports SHA-1 with PBKDF2, not SHA-256. So I'm out of luck here. The different formats are no longer relevant then.

On 2/12/19 6:03 PM, Matthias Fechner via dovecot wrote: > Am 12.02.2019 um 17:05 schrieb Robert Moskowitz via dovecot: >> I have trying to find how to set the dovecot-sql.conf for using >> SHA256/512.? I am going to start clean with the stronger format, not >> migrate from the old MD5.? It seems all I need is: > you maybe would like to have a look to the hashing algo

2016-07-31 16:39 GMT+02:00 <aki.tuomi at dovecot.fi>: > > > On July 27, 2016 at 2:08 AM Andreas Meyer <luckyfellow42 at gmail.com> > wrote: > > > > > > Hi, > > > > > > I want to add a new password hashing scheme as plugin and provide it for > > the dovecot project, so that it will be included as optional plugin in > > future

> On 22/02/2023 07:00 EET James Brown <jlbrown at bordo.com.au> wrote: > > > On 21 Feb 2023, at 10:12 pm, James Brown <jlbrown at bordo.com.au> wrote: > > > > > > > The new one has Dovecot compiled with same configure options, same configuration files, but fails to authenticate: > > > > Feb 21 21:51:03 master: Info: Dovecot v2.3.20

> On August 1, 2016 at 4:38 PM aki.tuomi at dovecot.fi wrote: > > > > > On August 1, 2016 at 3:45 PM Andreas Meyer <luckyfellow42 at gmail.com> wrote: > > > > > > 2016-07-31 16:39 GMT+02:00 <aki.tuomi at dovecot.fi>: > > > > > > > > > On July 27, 2016 at 2:08 AM Andreas Meyer <luckyfellow42 at gmail.com> >

> On 22 Feb 2023, at 5:33 pm, Aki Tuomi <aki.tuomi at open-xchange.com> wrote: >> >> Thanks Aki, that was helpful. When I add that I get: >> >> checking for LIBSODIUM... no >> configure: error: Can't build with libsodium: not found >> >> So I have to tell it where libsodium is. >> >> Tried: >> >>

> On 22/02/2023 07:48 EET James Brown <jlbrown at bordo.com.au> wrote: > > > > On 22 Feb 2023, at 4:14 pm, Aki Tuomi <aki.tuomi at open-xchange.com> wrote: > > > > > > > I?ve spent ages on this and am getting really desperate! :-( > > > > > > CPPFLAGS=-I/opt/homebrew/Cellar/openssl at 3/3.0.8/include

> On 22/02/2023 08:41 EET James Brown <jlbrown at bordo.com.au> wrote: > > > > On 22 Feb 2023, at 5:33 pm, Aki Tuomi <aki.tuomi at open-xchange.com> wrote: > > > > > > Thanks Aki, that was helpful. When I add that I get: > > > > > > checking for LIBSODIUM... no > > > configure: error: Can't build with libsodium: not

The use of salt, today, is to prevent the attacker from directly seeing who has same passwords. Of course it also will make a rainbow table attack less useful, but then again, no one uses rainbow tables anymore since it takes about few minutes to brute force a password in the cloud or on your home computer GPU. SHA512-CRYPT uses by default 4000 rounds on dovecot, to make it more computationally

On 3.12.2018 22.24, Jerry wrote: > I am using a FreeBSD 11-2 amd/64 system with dovecot version 2.3.4 installed. > I was playing around with different encryption schemes. > > doveadm pw -l > SHA1 SSHA512 BLF-CRYPT PLAIN HMAC-MD5 OTP SHA512 SHA RPA DES-CRYPT CRYPT SSHA > MD5-CRYPT SKEY PLAIN-MD4 PLAIN-MD5 SCRAM-SHA-1 LANMAN SHA512-CRYPT CLEAR > CLEARTEXT SSHA256 NTLM MD5

Hello, I'm setting up a new server and, again, seek for a decently secure (from a security specialist's POV) way to store and verify user passwords in a database. Additionally now, GDPR requires me to use a solid state-of-the-art solution. My OS is Ubuntu 20.04, Dovecot version 2.3.7, database backend with PostgreSQL 12. Obviously, storing the plaintext password is a terrible idea.

Aki Tuomi wrote: > The use of salt, today, is to prevent the attacker from directly seeing > who has same passwords. Of course it also will make a rainbow table > attack less useful, Not just less useful, but almost infeasible. Given the use of random salts, you would have to generate (number of possible salts) rainbow tables. This drastically changes the CPU/storage tradeoffs. >

On 2/13/19 8:30 AM, Aki Tuomi wrote: > On 13.2.2019 15.18, Robert Moskowitz via dovecot wrote: >> >> On 2/13/19 1:23 AM, Matthias Fechner via dovecot wrote: >>> >>> Am 13. Februar 2019 00:34:15 schrieb Robert Moskowitz >>> <rgm at htt-consult.com>: >>> >>>> On 2/12/19 6:03 PM, Matthias Fechner via dovecot wrote:

> On 22/02/2023 09:10 EET James Brown <jlbrown at bordo.com.au> wrote: > > > On 22 Feb 2023, at 5:53 pm, Aki Tuomi <aki.tuomi at open-xchange.com> wrote: > > > > > > > > > > > > > > > % locate libsodium > > > > > /opt/homebrew/Cellar/libsodium > > > > > /opt/homebrew/Cellar/libsodium/1.0.18_1