elmau
/
iredmail-doc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
iredmail-doc/html/reset.user.password.html

81 lines
3.7 KiB
HTML
Raw Blame History

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Reset user password</title>
<link rel="stylesheet" type="text/css" href="./css/markdown.css" />
</head>
<body>
<div id="navigation">
<a href="/index.html" target="_blank">
<img alt="iRedMail web site"
src="./images/logo-iredmail.png"
style="vertical-align: middle; height: 30px;"
/>&nbsp;
<span>iRedMail</span>
</a>
&nbsp;&nbsp;//&nbsp;&nbsp;<a href="./index.html">Document Index</a></div><div class="admonition note">
<p class="admonition-title">This tutorial is available in other languages</p>
<ul>
<li><a href="./reset.user.password-zh_CN.html">简体中文</a></li>
</ul>
</div>
<h1 id="reset-user-password">Reset user password</h1>
<blockquote>
<ul>
<li>SSHA512 is recommended for SQL backends, don't use MD5 unless you have a reason.</li>
<li>BCRYPT is recommended for SQL backens on BSD systems.</li>
</ul>
</blockquote>
<p>With MySQL or PostgreSQL backends, you can generate a password hash with
<code>openssl</code> or <code>doveadm</code> command first, then replace old one with this newly
generated one.</p>
<p>For example: generate a SSHA512 password hash with <code>doveadm</code>:</p>
<pre><code>$ doveadm pw -s 'ssha512' -p '123456'
{SSHA512}jOcGSlKEz95VeuLGecbL0MwJKy0yWY9foj6UlUVfZ2O2SNkEExU3n42YJLXDbLnu3ghnIRBkwDMsM31q7OI0jY5B/5E=
</code></pre>
<p>To generate a salted MD5 password hash, you can use <code>doveadm</code> or <code>openssl</code>:</p>
<pre><code># doveadm pw -s 'MD5' -p '123456' | awk -F'{MD5}' '{print $2}'
$1$TDG8oXHb$6YB9NO5NZaZxku0xv6RsW0
# openssl passwd -1 123456
$1$fnWOb5X8$Ed6FYg9CLuWuUQplnwOQK/
</code></pre>
<blockquote>
<p><strong>Important note</strong>: SOGo groupware doesn't support salted MD5 hash without a
prefix, so if you're going to use MD5 password hash with SOGo,
please prepend <code>{CRYPT}</code> prefix in password hash. For example,
<code>{CRYPT}$1$TDG8oXHb$6YB9NO5NZaZxku0xv6RsW0</code>.</p>
</blockquote>
<ul>
<li>Reset password for user <code>user@domain.ltd</code>:</li>
</ul>
<pre><code>sql&gt; USE vmail;
sql&gt; UPDATE mailbox SET password='{SSHA512}jOcGSlKEz95VeuLGecbL0MwJKy0yWY9foj6UlUVfZ2O2SNkEExU3n42YJLXDbLnu3ghnIRBkwDMsM31q7OI0jY5B/5E=' WHERE username='user@domain.ltd';
</code></pre>
<p>With OpenLDAP backend, you can reset it with phpLDAPadmin or other LDAP client
tools, <code>SSHA</code> is preferred if you have other applications to authenticate
users against OpenLDAP.</p>
<p>It's ok to use plain password temporarily, then login to Roundcube webmail
or iRedAdmin-Pro (with self-service enabled) to reset password immediately.
For example:</p>
<pre><code>sql&gt; USE vmail;
sql&gt; UPDATE mailbox SET password='{PLAIN}123456' WHERE username='user@domain.ltd';
</code></pre>
<h2 id="see-also">See also</h2>
<ul>
<li><a href="./password.hashes.html">Password hashes used/supported by iRedMail</a></li>
</ul><p style="text-align: center; color: grey;">All documents are available in <a href="https://bitbucket.org/zhb/iredmail-docs/src">BitBucket repository</a>, and published under <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">Creative Commons</a> license. If you found something wrong, please do <a href="http://www.iredmail.org/contact.html">contact us</a> to fix it.<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-3293801-21', 'auto');
ga('send', 'pageview');
</script>
</body></html>
Reference in New Issue View Git Blame Copy Permalink