diff --git a/doc/guix.texi b/doc/guix.texi
index 2515ec146f381f3ad70c13d81172ac0708d62115..1caecfc3e48799e0a4b8f5d7a462d04482e37b44 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -15878,13 +15878,13 @@ failed.
 Defaults to @samp{#f}.
 @end deftypevr
 
-@deftypevr {@code{dovecot-configuration} parameter} boolean auth-verbose-passwords?
+@deftypevr {@code{dovecot-configuration} parameter} string auth-verbose-passwords
 In case of password mismatches, log the attempted password.  Valid
 values are no, plain and sha1.  sha1 can be useful for detecting brute
 force password attempts vs.  user simply trying the same password over
 and over again.  You can also truncate the value to n chars by appending
 ":n" (e.g.@: sha1:6).
-Defaults to @samp{#f}.
+Defaults to @samp{"no"}.
 @end deftypevr
 
 @deftypevr {@code{dovecot-configuration} parameter} boolean auth-debug?
diff --git a/gnu/services/mail.scm b/gnu/services/mail.scm
index 0dabfed4cb5378b137009fc097b10ebab5e04601..216b2c80b0c6ed0c38346a61893d8fc22da0ef74 100644
--- a/gnu/services/mail.scm
+++ b/gnu/services/mail.scm
@@ -806,8 +806,8 @@ (define-configuration dovecot-configuration
    "Log unsuccessful authentication attempts and the reasons why they
 failed.")
 
-  (auth-verbose-passwords?
-   (boolean #f)
+  (auth-verbose-passwords
+   (string "no")
    "In case of password mismatches, log the attempted password.  Valid
 values are no, plain and sha1.  sha1 can be useful for detecting brute
 force password attempts vs.  user simply trying the same password over