dovecot 2.4 auth: Error: sql: Invalid password in passdb: Weak password scheme 'MD5-CRYPT'

Discussion in 'Tips/Tricks/Mods' started by fireba11, Feb 5, 2026.

Tags:
  1. fireba11

    fireba11 Member

    After upgrading to debian 13 and now also upgrading dovecot (held it back untill the ispconfig release :-D) mail Login failed with
    auth-worker(...)<2382351>: request [32]: Error: sql: Invalid password in passdb: Weak password scheme 'MD5-CRYPT' used and refused

    Apparently the Mail logins (yes thos might be quite old :-D) are stored in an old somewhat insecure format in the database, making dovecot 2.4 unhapy.
    Workaround is adding
    auth_allow_weak_schemes = yes
    to your dovecot config.

    Details see https://doc.dovecot.org/main/core/config/auth/schemes.html
    Since ISPconfig should not even have unencrypted passwords, i don't suppose there is a way to update storage format other than resetting all Passwords?

    Also, wanted to document the workaround for others to find :)
     
    fireba11, Feb 5, 2026
    #1
    till likes this.
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Passwords are hashed in the same way as the passwords in /etc/passwd are encrypted, so we can not update the format. The only way is to re-enter the password so it can be encrypted using the current encryption format.
     
    till, Feb 6, 2026
    #2
    ahrasis likes this.

Share This Page