sha512-crypt mysql and dovecot

前端 未结 1 2029
无人共我
无人共我 2021-02-08 06:42

I have a question about understanding sha512-crypt hashing. I found this tutorial to set up dovecot and postfix with mysql. I followed the tutorial (with slight modifications) a

1条回答
  •  花落未央
    2021-02-08 07:20

    The salt is saved as part of the password. For example calling:

    ENCRYPT('firstpassword', CONCAT('$6$', 'FooBarBaz')) 
    

    Gives

    $6$FooBarBaz$.T.G.7FRJqZ6N2FF7b3BEkr5j37CWhwgvPOOoccrr0bvkBbNMmLCxzqQqKJbNhnhC.583dTBLEuZcDuQe7NEe.

    This stores both the algorithm used (6 being SHA512) and the salt ('FooBarBaz') both delinated by $.

    Edit: To check a password you can use:

    password = ENCRYPT('user_input', `password`)
    

    ENCRYPT will grab the salt from the stored password and use this when checking user_input.

    Full credit to hek2mgl for the password check he detailed in this answer.

    0 讨论(0)
提交回复
热议问题