- SSHA512 is recommended for SQL backends, don't use MD5 unless you have a reason.
- BCRYPT is recommended for SQL backens on BSD systems.
With MySQL or PostgreSQL backends, you can generate a password hash with
openssl
or doveadm
command first, then replace old one with this newly
generated one.
For example:
openssl
(plain password is 123456
in this case):$ openssl passwd -1 123456
$1$2dQ48hyz$.mCLeDSdPkP3fxVmARsB.0
Or, generate password hash with doveadm
:
$ doveadm pw -s 'ssha512' -p '123456'
{SSHA512}jOcGSlKEz95VeuLGecbL0MwJKy0yWY9foj6UlUVfZ2O2SNkEExU3n42YJLXDbLnu3ghnIRBkwDMsM31q7OI0jY5B/5E=
user@domain.ltd
and another-user@domain.ltd
:sql> USE vmail;
sql> UPDATE mailbox SET password='$1$2dQ48hyz$.mCLeDSdPkP3fxVmARsB.0' WHERE username='user@domain.ltd';
sql> UPDATE mailbox SET password='{SSHA512}jOcGSlKEz95VeuLGecbL0MwJKy0yWY...' WHERE username='another-user@domain.ltd';
With OpenLDAP backend, you can reset it with phpLDAPadmin or other LDAP client
tools, SSHA
is preferred if you have other applications to authenticate
users against OpenLDAP.
It's ok to use plain password temporarily, then login to Roundcube webmail or iRedAdmin-Pro (with self-service enabled) to reset password immediately. For example:
sql> UPDATE mailbox SET password='{PLAIN}123456' WHERE username='user@domain.ltd';
Document published under a CC BY-ND 3.0 license. If you found something wrong, please do contact us to fix it.