Score:0

How does dovecot performs the hash comparison process without using salt in password

ve flag

I got a mail server using dovecot, postfix with mysql

I insert an email user through the following sql statement:

insert into users(email, password) values('[email protected]',ENCRYPT('secret'))

Besides, the file /etc/dovecot/dovecot-sql.conf.ext contains:

driver = mysql
connect = host=127.0.0.1 port=3306 dbname=mail user=mail_admin password=password
default_pass_scheme = CRYPT
password_query = SELECT email as user, password FROM users WHERE email='%u';

Also, by using thunderbird I could add an email account successfully to test.

The question is: How dovecot performs the hash comparison in the email authentication process if there's no salt involved in the insert statement?

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.