On Tue, 2009-01-20 at 21:42 +0100, Maciej Uhlig wrote:
> Timo Sirainen:
> > If the password is the same in both cases, you can simply use a single
> > CRAM-MD5 scheme. Dovecot can do plaintext authentication against all
> > schemes just fine.
> >
> Actually I happen not to understand the above :-( I thought PLAIN is a
> plaintext schema while CRAM-MD5 is non-plaintext schema and it's
> impossible to have the same password in mixed schemas stored in one
> database used for different authentication mechanisms (i.e. PLAIN and
> CRAM-MD5). Moreover there is no fallback using mechanism other than
> PLAIN. What am I missing here?

Yes, it's not possible to store two different schemas. But the point is that plaintext authentication (PLAIN or LOGIN auth mechanism) can verify the password against ANY schema.

> Yes, the password is the same in both cases, but it is stored twice: as
> a MD5 hash and as a CRAM-MD5 hash.

Just don't store the MD5 hash, it's unnecessary.
