1 Topic by skilledPigeon

  • skilledPigeon
  • Member
  • Offline
  • Registered: 2011-06-26
  • Posts: 4

Topic: Generate Mailbox Password In PHP

How can I generate a valid password hash manually from a PHP file? I think I understand generally how the password is made but I just can't seem to get it quite right...

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: Generate Mailbox Password In PHP

You can generate MD5 password for mail users stored in MySQL, or SSHA for OpenLDAP.

3 Reply by skilledPigeon

  • skilledPigeon
  • Member
  • Offline
  • Registered: 2011-06-26
  • Posts: 4

Re: Generate Mailbox Password In PHP

ZhangHuangbin wrote:

You can generate MD5 password for mail users stored in MySQL, or SSHA for OpenLDAP.

Does that mean its just normal md5? I though there was a salt or other modifier too?

4 Reply by skilledPigeon

  • skilledPigeon
  • Member
  • Offline
  • Registered: 2011-06-26
  • Posts: 4

Re: Generate Mailbox Password In PHP

ZhangHuangbin wrote:

You can generate MD5 password for mail users stored in MySQL, or SSHA for OpenLDAP.

This is incorrect, a straight MD5 hash is not how the passwords are stored in MySql. I am looking in the 'vmail'.'mailbox' database.table and '$1$cLoQbQAF$1faoTp17Ak3gFOTsRpl7H/' is not anything MD5 hashed. Also, tried changing a password to straight MD5 and it doesn't work.

A normal MD5 is not the way passwords are stored. No MD5 would look like this. Also, the same password in iredmail gives a different hash each time. Therefore proving beyond a doubt that a simple MD5 hash is not a way to generate your own password hash.

I need to change my admin password easily. I cannot do it this way. Please advise how password hashes are actually generated.

5 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: Generate Mailbox Password In PHP

You can generate password (used in iRedMail) with openssl:

# openssl passwd -1 'plain_password'

6 Reply by skilledPigeon

  • skilledPigeon
  • Member
  • Offline
  • Registered: 2011-06-26
  • Posts: 4

Re: Generate Mailbox Password In PHP

ZhangHuangbin wrote:

You can generate password (used in iRedMail) with openssl:

# openssl passwd -1 'plain_password'

That's fantastic thanks, out of interest, if it generates a different hash each time, how does it validate a hash?

7 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: Generate Mailbox Password In PHP

Sorry, i think you'd better do some research of PHP, about generate hashed password and validation.