1.5 KiB
1.5 KiB
Reset user password
- SSHA512 is recommended for SQL backends, don't use MD5 unless you have a reason.
- BCRYPT is recommended for SQL backens on BSD systems.
With MySQL or PostgreSQL backends, you can generate a password hash with
openssl
or doveadm
command first, then replace old one with this newly
generated one.
For example:
- Generate a salted MD5 password hash with
openssl
(plain password is123456
in this case):
$ openssl passwd -1 123456
$1$2dQ48hyz$.mCLeDSdPkP3fxVmARsB.0
Or, generate password hash with doveadm
:
$ doveadm pw -s 'ssha512' -p '123456'
{SSHA512}jOcGSlKEz95VeuLGecbL0MwJKy0yWY9foj6UlUVfZ2O2SNkEExU3n42YJLXDbLnu3ghnIRBkwDMsM31q7OI0jY5B/5E=
- Reset password for user
user@domain.ltd
andanother-user@domain.ltd
:
sql> USE vmail;
sql> UPDATE mailbox SET password='$1$2dQ48hyz$.mCLeDSdPkP3fxVmARsB.0' WHERE username='user@domain.ltd';
sql> UPDATE mailbox SET password='{SSHA512}jOcGSlKEz95VeuLGecbL0MwJKy0yWY...' WHERE username='another-user@domain.ltd';
With OpenLDAP backend, you can reset it with phpLDAPadmin or other LDAP client
tools, SSHA
is preferred if you have other applications to authenticate
users against OpenLDAP.
It's ok to use plain password temporarily, then login to Roundcube webmail or iRedAdmin-Pro (with self-service enabled) to reset password immediately. For example:
sql> UPDATE mailbox SET password='{PLAIN}123456' WHERE username='user@domain.ltd';