Re: Changing email password storage format
Sebastian <debian@really-force.net> wrote:
> Assume a Debian installation running Dovecot and Postfix.

> I want to upgrade the password storage from crypt to SSHA512,
> which makes hashes harder to crack in case the hashes get stolen.
> bcrypt/scrypt would be even better, although Dovecot does not seem
> to support these natively (am I right here?).

That may depend on which version of Dovecot you're running:
  - http://wiki2.dovecot.org/Authentication/PasswordSchemes
  - http://wiki.dovecot.org/Authentication/PasswordSchemes


> In order to convert the hashes, I need the cleartext passwords. So one
> idea would be to tell Dovecot to spit out the cleartext password when
> a user authenticates via POP or IMAP. Do you know of any such
> functionality?

On my implementation, setting auth_debug_password=yes may well generate
passwords in the logfile. (It's supposed to write them only on a
password mismatch, but I get them since I've got two authentication
sources enabled and mostly only one of them has matching data.)


> So before I start hacking something together, I wanted to ask if anyone
> already knows a solution for this? Given the recent large password
> leaks (e.g. Linkedin), a few others probably thought about this. See
> Table I in http://www.bsdcan.org/2009/schedule/attachments/87_scrypt.pdf

Given these leaks, you really need to ask whether you want to be
collecting plain text passwords. Maybe you should provide a "reset
password" function and push people to use that. (Looking at the scheme
label prefixing each password will allow you to determine who has upgraded
and who hasn't.)

Chris
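As an added example (not code from this thread or from Dovecot), here is a small Python script for the check Chris describes: it reads a passdb in Dovecot's passwd-file layout, groups users by the {SCHEME} label on the password field so the accounts still on CRYPT can be listed for a forced reset, and generates and verifies Dovecot-format SSHA512 entries for the reset path, so no plaintext ever has to be collected. The file contents are constructed placeholders, and it assumes unlabeled entries fall under a default_pass_scheme of CRYPT.

```python
import base64
import hashlib
import hmac
import os
import re

# Constructed sample in Dovecot passwd-file layout (user:{SCHEME}hash:uid:gid:...).
# The hash values are placeholders, not real credentials.
SAMPLE_PASSWD_FILE = """\
alice:{CRYPT}$1$placeholder$notarealhash:1000:1000::/home/alice::
bob:{SSHA512}placeholderbase64:1001:1001::/home/bob::
carol:$6$placeholder$notarealhash:1002:1002::/home/carol::
"""

SCHEME_RE = re.compile(r"^\{([A-Za-z0-9.-]+)\}")
DEFAULT_SCHEME = "CRYPT"  # assumed default_pass_scheme for unlabeled entries


def scheme_of(hash_field):
    """Return the scheme label of a password field, upper-cased."""
    m = SCHEME_RE.match(hash_field)
    return m.group(1).upper() if m else DEFAULT_SCHEME


def audit_schemes(text, target="SSHA512"):
    """Return (per-scheme counts, users whose hash is not yet in `target`)."""
    counts, pending = {}, []
    for line in text.splitlines():
        fields = line.split(":")
        if not line.strip() or line.startswith("#") or len(fields) < 2:
            continue
        scheme = scheme_of(fields[1])
        counts[scheme] = counts.get(scheme, 0) + 1
        if scheme != target:
            pending.append(fields[0])
    return counts, pending


def ssha512_hash(password, salt=None):
    """Dovecot SSHA512 format: base64(SHA-512(password + salt) + salt)."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha512(password.encode() + salt).digest()
    return "{SSHA512}" + base64.b64encode(digest + salt).decode()


def ssha512_verify(password, stored):
    """Check a password against a {SSHA512} entry (salt is the trailing bytes)."""
    raw = base64.b64decode(stored[len("{SSHA512}"):])
    digest, salt = raw[:64], raw[64:]
    return hmac.compare_digest(hashlib.sha512(password.encode() + salt).digest(), digest)
```

Running audit_schemes over the real passdb on a schedule gives a progress count for the migration without logging anything sensitive.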
