iredmail-doc/howto/reset.user.password.md

Reset user password

• SSHA512 is recommended for SQL backends, don't use MD5 unless you have too.
• BCRYPT is recommended for SQL backens on BSD systems.

With MySQL or PostgreSQL backends, you can generate a password hash with openssl or doveadm command first, then replace old one with this newly generated one.

For example:

• Generate a salted MD5 password hash with openssl (plain password is 123456 in this case):

$ openssl passwd -1 123456
$1$2dQ48hyz$.mCLeDSdPkP3fxVmARsB.0

Or, generate password hash with doveadm:

$ doveadm pw -s 'ssha512' -p '123456'
{SSHA512}jOcGSlKEz95VeuLGecbL0MwJKy0yWY9foj6UlUVfZ2O2SNkEExU3n42YJLXDbLnu3ghnIRBkwDMsM31q7OI0jY5B/5E=

• Reset password for user user@domain.ltd and another-user@domain.ltd:

sql> USE vmail;
sql> UPDATE mailbox SET password='$1$2dQ48hyz$.mCLeDSdPkP3fxVmARsB.0' WHERE username='user@domain.ltd';
sql> UPDATE mailbox SET password='{SSHA512}jOcGSlKEz95VeuLGecbL0MwJKy0yWY...' WHERE username='another-user@domain.ltd';

With OpenLDAP backend, you can reset it with phpLDAPadmin or other LDAP client tools, SSHA is preferred if you have other applications to authenticate users against OpenLDAP.

See also

• Password hashes used/supported by iRedMail