Re: [courier-users] Only 8 characters of the password required - Andreas Grabner - net.sourceforge.lists.courier-users

5 messages in net.sourceforge.lists.courier-usersRe: [courier-users] Only 8 characters...

From	Sent On	Attachments
Andreas Grabner	Sep 26, 2007 9:03 am
Lisa Muir	Sep 26, 2007 9:30 am
Andreas Grabner	Sep 26, 2007 9:59 am
Johnny C. Lam	Sep 26, 2007 11:09 am
Andreas Grabner	Sep 27, 2007 1:18 am

	Permalink for this message Paste this link in email or IM:
	Permalink for this thread Paste this link in email or IM:
	Atom feed for this thread Paste this URL into your reader:

Subject:	Re: [courier-users] Only 8 characters of the password required	Actions...
From:	Andreas Grabner (andr...@vianova.cc)
Date:	Sep 26, 2007 9:59:02 am
List:	net.sourceforge.lists.courier-users

Am Mittwoch, den 26.09.2007, 17:31 +0100 schrieb Lisa Muir:

On 9/26/07, Andreas Grabner <andr...@vianova.cc> wrote:

Hello,

I have just figured out that only the first 8 characters of passwords are significant and the rest is irrelevant. Have i missed some configuration? I think this is a security issue.

In my experience, this would indicate that you're encrpting passwords with the CRYPT function, try using SHA or MD5 instead to avoid the 8 character limitation, but bear in mind that you loose a certain amount of system portability with your passwords which may or may not be an issue.

Thanks, i use

IMAP_CAPABILITY_TLS="$IMAP_CAPABILITY AUTH=PLAIN

Doesn't this mean plain passwords in TLS connection? Should not have something to do with crypt. Right?

I have plain passwords in the database which AUTH mechanism should be preferred? Clients are Outlook [Express] and others?

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets
	Permalink to these results Paste this link in email or IM:
	Atom feed for tracking future search results Paste this URL into your reader: