Linked by Thom Holwerda on Tue 10th Nov 2009 16:10 UTC, submitted by a_weber42
Privacy, Security, Encryption "The major disadvantage of PLAIN text passwords on the server of course is that they are readable. Even if your communication with the server is encrypted it is troubling to have readable passwords on the server. You can easily change this by using the dovecotpw command and creating encrypted passwords."
Permalink for comment 393883
To read all comments associated with this story, please click here.
MD5 not good
by Meor on Tue 10th Nov 2009 17:20 UTC
Meor
Member since:
2006-09-29

MD5 is not sufficient for any situation where there could be an adversary. http://www.mscs.dal.ca/~selinger/md5collision/ Use SHA-256 or the like. MD5 can only be useful when checking for errors when no attacker is suspected.

Reply Score: 3