"Having access only to your email" has already caused large monetary losses 
to many companies, by selecting big money order emails and acting as the 
company to redirect bank transactions.
 
I was looking for some way to authorize devices or apps to use IMAP.
 
Gabriele
 
 
Sonicle S.r.l. : http://www.sonicle.com
Music: http://www.gabrielebulfon.com
eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets
 




----------------------------------------------------------------------------------

From: Ian Batten via Info <[email protected]>
To: Info <[email protected]> 
Date: 15 January 2021 22.38.55 CET
Subject: Re: two factor auth


Indeed, but the application specific passwords are constant. You need to assess 
your threat model and your risk appetite, but an application-specific password 
is on the one hand good, because an attacker who learns it "only" has access to 
your email (which is small comfort if the email permits password resets on 
other accounts, of course) but has that access on an ongoing basis. Certainly, 
if your security policy mandates 2FA, then application-specific passwords won't 
satisfy that requirement.

ian

On 15/01/2021, 18:37, "Adam Tauno Williams" <[email protected]> wrote:

On Fri, 2021-01-15 at 17:44 +0000, Ian Batten via Info wrote:
> No, because IMAP clients are continuously creating and destroying
> IMAP sessions. 
> The correct solution if you need two-factor authentication for a mail
> server is to put the IMAP service behind a VPN server and permit
> access to email only via the VPN, which in turn has two-factor
> authentication.

Stacks like Office365 "solve" the two factor authentication requirement
in the case of services like IMAP & SMTP by having "application
passwords". So my IMAP password is distinct from my user password; it
is both machine generated [longish and random] and also does not
expire.




------------------------------------------
Cyrus: Info
Permalink: 
https://cyrus.topicbox.com/groups/info/T0cce10bfd349100c-M17868260785e6635744cf9b5