Dovecot + Postfixadmin - changing password encryption

  • TheRealKingS

    TheRealKingS - 2013-05-06


    I've tried to change my password encryption in postfixadmin from md5crypt to dovecot's MD5-CRAM. But I don't get how to change the existing passwords. Actually they are md5crypted, but how can I change it to MD5-CRAM? I want to make my login to IMAP more secure.

  • Simon Hobson

    Simon Hobson - 2013-05-06

    The short answer is that you can't. The whole point of a hashed password is that it's not possible* to recover the plain text password from the hash. If not properly salted then you may be able to do it with rainbow tables, but if properly salted this won't work, which only leaves brute force methods.
    If you look in the archives, there was a post under the title "converting password schemes" in March asking a question related to this - which didn't get an answer (I didn't answer as there's nothing I can add). But looking at the howto linked in that post, it seems the method is to add an extra field to the database, modify the Dovecot script(s) so that it will generate a new hash when the user logs in, and then when everyone (or nearly everyone) has logged in and generated a new hash you can change the PFA setup to use the new hash method and (I guess) rename the old and new password fields (change password to old_password, and new_password to password).

    * Where to be pedantic, "possible" means "not practical without a huge cost in resources".
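
The migration outlined in the reply above (extra field, new hash written at login, columns renamed at cutover), as an added example that is not part of the thread and not Dovecot or Postfixadmin code. Assumptions: the `mailbox` table layout, the sample accounts, and both hash functions, which are stand-ins for md5crypt and the target scheme; the rehash step only works while the server receives the plaintext password at login.

```python
import hashlib, hmac, os, sqlite3

# Stand-in schemes (assumptions): a real setup would call the md5crypt and
# target-scheme implementations here instead of these two functions.
def old_hash(password, salt):
    return salt + "$" + hashlib.md5((salt + password).encode()).hexdigest()

def new_hash(password, salt=None):
    salt = salt or os.urandom(8).hex()
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt), 10000)
    return salt + "$" + dk.hex()

def check(stored, password, scheme):
    # Recompute with the stored salt and compare in constant time.
    return hmac.compare_digest(stored, scheme(password, stored.split("$", 1)[0]))

def setup():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE mailbox (username TEXT PRIMARY KEY, password TEXT)")
    # Constructed sample accounts, stored with the old scheme only.
    for user, pw in [("alice@example.org", "correct horse"), ("bob@example.org", "hunter2")]:
        db.execute("INSERT INTO mailbox VALUES (?, ?)", (user, old_hash(pw, os.urandom(4).hex())))
    # Step 1: the extra field that collects the new hashes.
    db.execute("ALTER TABLE mailbox ADD COLUMN new_password TEXT")
    return db

def login(db, user, password):
    row = db.execute("SELECT password, new_password FROM mailbox WHERE username=?", (user,)).fetchone()
    if row is None:
        return False
    old, new = row
    if new is not None:                      # already migrated: use the new hash only
        return check(new, password, new_hash)
    if not check(old, password, old_hash):   # never rehash an unverified password
        return False
    # Step 2: the plaintext is available right now, so store the new hash.
    db.execute("UPDATE mailbox SET new_password=? WHERE username=?", (new_hash(password), user))
    return True

def pending(db):
    # Accounts that have not logged in since the extra field was added.
    return db.execute("SELECT COUNT(*) FROM mailbox WHERE new_password IS NULL").fetchone()[0]

def cutover(db):
    # Step 3: rename the fields; accounts still pending need a password reset.
    db.execute("ALTER TABLE mailbox RENAME COLUMN password TO old_password")
    db.execute("ALTER TABLE mailbox RENAME COLUMN new_password TO password")
```

Watching `pending()` fall over time shows when the cutover can be done; any account still counted at that point ends up with an empty `password` field.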

