1176

How to store mailbox passwords using non-reversible encryption

MDaemon versions 17.0 and above have the ability to store user passwords using non-reversible encryption.  This protects passwords from the MDaemon admin, server admin, or a possible attacker.  When enabled, passwords have a maximum length of 72 characters.   Passwords are also preserved, but not revealed, when importing/exporting to or from an MDaemon server. 

Considerations

  • APOP and CRAM-MD5 authentication methods will not work with this feature enabled, as they depend on MDaemon being able to decrypt passwords
  • MDaemon's weak password report feature is not compatible with this feature.

 

To enable storing password using non-reversible encryption: 

  1. Select Accounts
  2. Select Account Settings
  3. Expand Other
  4. Select Passwords
  5. Click the Store mailbox passwords using non-reversible encryption
  6. Click Apply
    • A pop-up will appear to verify and state this process can take some time, depending on the number of accounts.
  7. Click Yes to begin converting all passwords into a non-reversible, encrypted state.
  8. Click OK on the pop-up when the process finishes.
  9. Click OK to close the Account Settings window.