[GH-ISSUE #1422] Changing password scheme #1127

Closed
opened 2026-02-27 11:15:26 +03:00 by kerem · 3 comments

Originally created by @ghost on GitHub (Mar 4, 2018).
Original GitHub issue: https://github.com/modoboa/modoboa/issues/1422

I was asked yesterday on IRC if it's safe to change the `Default password scheme`, I said no but I'm wrong. **It is safe to change `Default password scheme`** but there is one caveat.

When Modoboa saves the hashed password to the database it prefixes it with the scheme so dovecot knows which scheme to use when validating passwords; if no scheme prefix is present it falls back to `default_pass_scheme` set in `dovecot-sql.conf.ext`. (*Most* SQL based admin interfaces don't prefix the password scheme, which is where I made the mistake.)

The one caveat is that changing `Default password scheme` doesn't automatically update all the stored passwords to the new scheme. This either needs to be done manually by getting each user to change their password, or a post-login script is required for dovecot to update the password when the user logs into imap/pop. (See [Convert Password Schemes](https://wiki.dovecot.org/HowTo/ConvertPasswordSchemes))

-----

- [ ] Update documentation
- [ ] Create a post login script for use with dovecot
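The two mechanics in the issue body, the `{SCHEME}` prefix with its `default_pass_scheme` fallback and the fact that hashes can only be upgraded when the plaintext is present (a password change or a post-login hook, which works because every password login already hands the server the plaintext to compare against the stored hash), as an added Python example. This is not Modoboa or Dovecot code: it reimplements Dovecot's encodings for PLAIN, SHA512 (base64 of the raw digest) and SSHA512 (base64 of digest followed by salt) only, leaves out the crypt-style schemes to stay dependency-free, assumes `default_pass_scheme = SHA512` as the dovecot-sql.conf.ext fallback, and the `USERS` rows, function names and passwords are constructed for the demonstration.

```python
import base64
import hashlib
import hmac
import os
import re
from typing import Optional, Tuple

# Stand-in for `default_pass_scheme` in dovecot-sql.conf.ext (assumed value for this
# example): consulted only when a stored string carries no {SCHEME} prefix.
DEFAULT_PASS_SCHEME = "SHA512"

_PREFIX = re.compile(r"^\{([A-Za-z0-9.\-]+)\}(.*)$", re.S)


def split_scheme(stored: str) -> Tuple[Optional[str], str]:
    """Split '{SCHEME}data' into (SCHEME, data); a missing prefix gives (None, data)."""
    m = _PREFIX.match(stored)
    if m is None:
        return None, stored
    return m.group(1).upper(), m.group(2)


def make_hash(password: str, scheme: str, salt: Optional[bytes] = None) -> str:
    """Produce a prefixed credential in Dovecot's encoding for PLAIN, SHA512 and SSHA512."""
    pw = password.encode("utf-8")
    if scheme == "PLAIN":
        return "{PLAIN}" + password
    if scheme == "SHA512":
        return "{SHA512}" + base64.b64encode(hashlib.sha512(pw).digest()).decode("ascii")
    if scheme == "SSHA512":
        salt = os.urandom(16) if salt is None else salt
        digest = hashlib.sha512(pw + salt).digest()
        return "{SSHA512}" + base64.b64encode(digest + salt).decode("ascii")
    raise ValueError(f"scheme {scheme!r} is not implemented in this example")


def verify(password: str, stored: str, default_scheme: str = DEFAULT_PASS_SCHEME) -> bool:
    """Check a password the way the SQL passdb does: honour the prefix, else fall back."""
    scheme, data = split_scheme(stored)
    scheme = scheme or default_scheme
    pw = password.encode("utf-8")
    if scheme == "PLAIN":
        return hmac.compare_digest(data.encode("utf-8"), pw)
    if scheme == "SHA512":
        expected = base64.b64encode(hashlib.sha512(pw).digest())
        return hmac.compare_digest(data.encode("utf-8"), expected)
    if scheme == "SSHA512":
        try:
            raw = base64.b64decode(data, validate=True)
        except ValueError:
            return False
        if len(raw) <= 64:  # need the 64-byte digest plus at least one salt byte
            return False
        digest, salt = raw[:64], raw[64:]
        return hmac.compare_digest(digest, hashlib.sha512(pw + salt).digest())
    return False  # unknown or unimplemented scheme: fail closed


def needs_upgrade(stored: str, target_scheme: str,
                  default_scheme: str = DEFAULT_PASS_SCHEME) -> bool:
    """True when the effective scheme of a stored credential is not the target one."""
    scheme, _ = split_scheme(stored)
    return (scheme or default_scheme) != target_scheme


def login(password: str, stored: str, target_scheme: str,
          default_scheme: str = DEFAULT_PASS_SCHEME) -> Tuple[bool, Optional[str]]:
    """Authenticate; on success return a re-hashed credential when the stored one is
    not in the target scheme. This is the step a post-login script performs: the
    plaintext is only available while the user is authenticating."""
    if not verify(password, stored, default_scheme):
        return False, None
    if not needs_upgrade(stored, target_scheme, default_scheme):
        return True, None
    return True, make_hash(password, target_scheme)


# Constructed rows in the shape of a mailbox table (not real Modoboa data).
USERS = {
    "alice@example.com": make_hash("correct horse", "SSHA512", salt=b"0123456789abcdef"),
    "bob@example.com": make_hash("battery staple", "SHA512"),
    # Written by a tool that does not prefix the scheme: only default_pass_scheme
    # decides how Dovecot interprets it.
    "carol@example.com": make_hash("secret", "SSHA512", salt=b"saltsalt")[len("{SSHA512}"):],
}

if __name__ == "__main__":
    target = "SSHA512"
    for user, stored in USERS.items():
        print(user, "needs upgrade:", needs_upgrade(stored, target))
    # Bob logs in: verified under his old scheme, then re-hashed into the target one.
    ok, upgraded = login("battery staple", USERS["bob@example.com"], target)
    print("bob ok:", ok, "new credential:", upgraded)
    # Carol's unprefixed SSHA512 string is read as SHA512 and therefore rejected.
    print("carol ok:", verify("secret", USERS["carol@example.com"]))
```

Carol's row is the mistake described above: a perfectly good SSHA512 hash that Dovecot reads as SHA512 because nothing in the stored string says otherwise, so the fallback value decides whether she can log in at all. The same `login` shape also holds for the application side: whatever writes the new credential back must keep the `{SCHEME}` prefix, or the next verification is again at the mercy of `default_pass_scheme`.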

@ghost commented on GitHub (Mar 4, 2018):

Another thing to note is BLF-CRYPT isn't available with dovecot 2.2 on *MOST* linux distributions, it is however included in dovecot 2.3. [Dovecot Password Schemes](https://wiki2.dovecot.org/Authentication/PasswordSchemes).

`dovecot pw -l` lists what schemes dovecot supports.

@bobslee commented on GitHub (Mar 4, 2018):

Great info @fyfe Thanks!
I just put it on the agenda to switch to **bcrypt** when dovecot 2.3 is released.
@almereyda commented on GitHub (Oct 17, 2023):

Unfortunately it is not possible to recover a once hashed password (with salt) and to rehash it with another algorithm. This is only possible as described, by a user changing their password.

Fortunately we have this setting, so people don't even need to change it, but log in once (to the Modoboa admin interface, I guess):

> ![image](https://github.com/modoboa/modoboa/assets/1645308/c04a368a-13a6-4144-948a-7611dadb94b3)
>
> *Would this feature mean that the password is transferred in plain text to the server, and not itself in a hashed format?* The server should never know the plain text of my secrets. 👀

Switching to the most up-to-date password scheme is still highly encouraged. Dovecot and Django just need to be of the same opinion here. Maybe it's good to follow good practices and use something more up to date than bcrypt:

Nextcloud for example used bcrypt (`$2y` prefix) for older accounts, but is now using Argon2i(d) for newer ones:

https://github.com/nextcloud/server/blob/b4fec29e8e403cdf6a589f5a0855b3b904c720e4/lib/private/Security/Hasher.php#L85

Django supports other hashes via the Python `bcrypt` module, and preferably `argon2-cffi`, as seen in the identity provider Authentik (which is also based on Django).

- https://docs.djangoproject.com/en/4.2/topics/auth/passwords/
- https://argon2-cffi.readthedocs.io/en/stable/

Argon2ID is also supported in recent dovecot versions, if the local `libsodium` supports it:

- https://doc.dovecot.org/configuration_manual/authentication/password_schemes/

With a little caveat on memory consumption of the `auth_worker` and how to configure it for Argon2, but not Argon2id:

- https://blog.germancoding.com/2020/11/27/dovecot-and-argon2-doesnt-work-this-may-be-why/

We can check if our dovecot instance supports Argon2id by running this command from the dovecot documentation page:

doveadm pw -s argon2id
Reference
starred/modoboa-modoboa#1127