1. Knowledge Base
  2. MDaemon® Email Server

How do I store mailbox passwords using non-reversible encryption?

Introduced in version 17.0.0, MDaemon has the ability to store user passwords using non-reversible encryption.  This protects passwords from the MDaemon admin, server admin, or a possible attacker.  

When enabled, passwords have a maximum length of 72 characters.   Passwords are also preserved, but not revealed, when importing/exporting to or from an MDaemon server. 


Considerations

  • APOP and CRAM-MD5 authentication methods will not work with this feature enabled, as they depend on MDaemon being able to decrypt passwords
  • MDaemon's weak password report feature is not compatible with this feature.


To enable storing password using non-reversible encryption: 

  1. Select Accounts
  2. Select Account Settings
  3. Expand Other
  4. Select Passwords
  5. Click the Store mailbox passwords using non-reversible encryption
    mdaemon email server menu to enable non-reversible encryption password storage option
  6. Click Apply
    • A pop-up will appear to verify and state this process can take some time, depending on the number of accounts.
  7. Click Yes to begin converting all passwords into a non-reversible, encrypted state.
  8. Click OK on the pop-up when the process finishes.
  9. Click OK to close the Account Settings window.