Juan Miscaro writes:
2008/12/28 Sam Varshavchik <[email protected]>:This is correct. crypted passwords are salted. The first two characters of a crypted-password is a random salt value that's factored into the encrypted content.So courier-authdaemon does not have any trouble verifying an incoming password with an available/stored crypt hash?
Correct.
Note, however, that crypt() limits passwords to eight characters. This is an extremely old password encryption function that should not be used any more. Use other hash functions that support longer passwords.Noted. md5 is preferred I presume. However, since I am using the mysql module of authdaemon I have the authmysqlrc file. In there I have this line: MYSQL_CRYPT_PWFIELD crypt I don't see any comments in the file regarding the use of md5.
Just put an MD5-hashed password in there.
pgpg3eGpskLt1.pgp
Description: PGP signature
------------------------------------------------------------------------------
_______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
