Re: [courier-users] Migrating plain text to encrypted passwords
This is a discussion on Re: [courier-users] Migrating plain text to encrypted passwords within the Courier-Imap forums, part of the Mail Servers and Related category; Tim Lyth wrote: > Because I wanted something that I could get working quickly, I've set my > Courier-...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-15-2008
|
|||
|
|||
Re: [courier-users] Migrating plain text to encrypted passwords
Tim Lyth wrote:
> Because I wanted something that I could get working quickly, I've set my > Courier-IMAP/MTA server to use plain text passwords in the MySQL > database (with appropriate firewall rules in place to make it more > difficult for people to get to the passwords. > However, I'm interested in changing to using encrypted passwords - From > the outset I've had a field in the SQL database for encrypted passwords, > but never bothered to start using it. > Having the plain text password allows you to use the CRAM-* authentication methods, which may offer additional security. In any case, it allows for more flexible authentication options, and I wouldn't be too quick to give that up. > My question has two parts: > > a) What function does the authmysql module use to encrypt the password > that the client provides? > I don't think that it does. As far as I know, you need to use the system's crypt() function. > b) Is it just a matter of using something like phpmyadmin to dump the > clear passwords in to the encrypted password fields via the function in > answer a)? > No. ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/.../courier-users 
|
Linear Mode
