Choices of user password encryption

  • I am trying to understand my choices for user password encryption.  In, are the lines:

    // Encrypt
    // In what way do you want the passwords to be crypted?
    // md5crypt = internal postfix admin md5
    // md5 = md5 sum of the password
    // system = whatever you have set as your PHP system default
    // cleartext = clear text passwords (ouch!)
    // mysql_encrypt = useful for PAM integration
    // authlib = support for courier-authlib style passwords
    // dovecot:CRYPT-METHOD = use dovecotpw -s 'CRYPT-METHOD'. Example: dovecot:CRAM-MD5
    $CONF =

    Wow, choices, which to select?

    Postfix uses it to auth users sending emails.
    Dovecot uses it to auth users retrieving emails
    Roundcubemail also uses it to auth users retrieving emails, and call allow users to change it
    Can Thunderbird allow users to change their password for POP3 users?  for IMAP users?

    And postfixadmin maintains it.

    So being a security guy, I don't like any md5-based approach.  But mysql_encrypt is currently a 'block box' to me; I will have to research how it works.

    So what do people use and why?

  • I recently patched my Postfix.admin install to include DIGEST-MD5 support for password storage.  I still have to update the patch to support sending DIGEST-MD5 passwords as well. I am a security guy as well and I just do not like most of the storage mechanism, but DIGEST-MD5 makes it harder to crack

    Check out

    Best regards,

  • There's nothing like the "best encryption" ;-)

    Personally, I'm using plaintext in the database because this allows more flexibility on the password verification. More important, it also allows to use some more secure encryption methods "over the wire" when a user logs in - some of those methods rely on having the plaintext password.

    Of course this also means that I'll have a problem if someone can steal the user database - but my approach is to avoid this ;-)  (BTW: even if you have encrypted passwords in the database, an attacker with enough time, computing power or good rainbow tables will crack the passwords - the only thing you win is some time.)

    But mysql_encrypt is currently a 'block box' to me; I will have to research how it works.

    It uses the MySQL ENCRYPT() function, see