Authentication
This is a discussion on Authentication within the alt.comp.mail.exim forums, part of the Mail Servers and Related category; Hello! I want to setup cram_md5 authentication in future. By now i only have plain authentication. Future password-changes will ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
08-04-2005
|
|||
|
|||
Authentication
Hello!
I want to setup cram_md5 authentication in future. By now i only have plain authentication. Future password-changes will leave the clear password in the database. By now in my database i only have the crypted passwords. Cram_md5 needs the clear password (right?). If i set up cram_md5 the server will announce this ability to the clients (right?), these will choose it (right?) and they can not log in (right?). How can i solve the problem: - move to cram_md5 slowly? - activate/offer cram_md5 while not every password is here in clear Thanks for help Matthias 
|
|
08-06-2005
|
|||
|
|||
|
Re: Authentication
Matthias P. Wuerfl wrote:
> Cram_md5 needs the clear password (right?). If i set up cram_md5 the > server will announce this ability to the clients (right?), these will > choose it (right?) and they can not log in (right?). 3x right. > How can i solve the problem: > - move to cram_md5 slowly? > - activate/offer cram_md5 while not every password is here in clear There is no technical solution to this (besides of running john the ripper over your password database). You can only wait until all (or most of) your users authenticated and you had a chance to store the plaintext password or give out new passwords.
|
 |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT +1. The time now is 02:42 PM.
