‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Tuesday, July 2, 2019 6:32 PM, Aki Tuomi via dovecot <dovecot@dovecot.org> wrote:
> I don't actually recommend using password directly from user as password for > private keys, I recommend running them thru some hash / pkcs5 before that. That's a great idea and makes things even safer. I don't know much about PKCS5 but would SHA512 also be safe enough for hashing the password? SHA512 would then generate a 128 characters hash which I would then pass to the parameter "-o plugin/mail_crypt_private_password=" of my "doveadm mailbox cryptokey generate ..." command.
