On Wed, Jun 13, 2018 at 02:56:03PM +1000, m...@raf.org wrote: > However, it should be pointed out that 2FA/MFA is mostly for > websites. The IMAP/POP protocols have no support for it. It's > unlikely that the POP/IMAP protocols will be changed to > incorporate 2FA/MFA. And until that happens, I doubt there's > much that mutt (or POP/IMAP servers) can do about it.
There is a recent patch to support OAUTH in Mutt (rfc 7628) (see mutt-dev archives). With that, you'd need to visit a link to authenticate when 2FA is required, and an external script is required, but that I think would essentially add 2FA support, and also avoid the need for an application specific password to be used. See thread starting at: http://lists.mutt.org/pipermail/mutt-dev/Week-of-Mon-20180611/000121.html With some further discussion of the 2FA bit at: http://lists.mutt.org/pipermail/mutt-dev/Week-of-Mon-20180611/000128.html I'd imagine that, eventually, the external scripts used to do this could support passing in the token via console vs. following a web link that has to be clicked on or cut / pasted into browser bar. w