How does dovecot performs the hash comparison process without using salt in password

user3637971

6/23/23, 5:48 PM

I got a mail server using dovecot, postfix with mysql

I insert an email user through the following sql statement:

insert into users(email, password) values('[email protected]',ENCRYPT('secret'))

Besides, the file /etc/dovecot/dovecot-sql.conf.ext contains:

driver = mysql
connect = host=127.0.0.1 port=3306 dbname=mail user=mail_admin password=password
default_pass_scheme = CRYPT
password_query = SELECT email as user, password FROM users WHERE email='%u';

Also, by using thunderbird I could add an email account successfully to test.

The question is: How dovecot performs the hash comparison in the email authentication process if there's no salt involved in the insert statement?

0 + 0

mysql

linux

postfix

sql

dovecot

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How does dovecot performs the hash comparison process without using salt in password

TH: Dovecot ดำเนินการเปรียบเทียบแฮชอย่างไรโดยไม่ใช้เกลือในรหัสผ่าน

RO: Cum efectuează dovecot procesul de comparare cu hash fără a utiliza sare în parolă

RU: Как dovecot выполняет процесс сравнения хэшей без использования соли в пароле

VI: Dovecot thực hiện quá trình so sánh hàm băm như thế nào mà không sử dụng muối trong mật khẩu

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.