Authentication backend choice

chaouche yacine yacinechaouche at yahoo.com
Tue Mar 22 09:08:00 EDT 2016


Hello cyrus,

I need to make a choice at how will I store my user/password pairs. I was
thinking that the easiest way was to just use sasldb and create the user
accounts with saslpasswd2, but I've read that it stores the passwords in
clear text. Is this a security risk ? I would like to save myself the
"burden" of setting up a mysql database only for the purpose of having an

encrytped password storage. Is there another way of storing passwords 

in a secure way without setting up the database myself ?

For the moment, I plan to use it for postfix authentication in a virtual
domain/users context. I am also using courier as an IMAP and I don't know 

yet how to configure it's authentication, so I can't tell if I'll be using 

it for courier too.

Thank you for your insights.

Yassine.


More information about the Cyrus-sasl mailing list