Re: two factor auth

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The certificate technique may be a good path! I will investigate.
 
Gabriele
 
 
Sonicle S.r.l. http://www.sonicle.com
Music: http://www.gabrielebulfon.com
eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets
 



----------------------------------------------------------------------------------

Da: Alvin Starr via Info <info@xxxxxxxxxxxxxxxxxx>
A: info@xxxxxxxxxxxxxxxxxx
Data: 15 gennaio 2021 19.41.46 CET
Oggetto: Re: two factor auth

On 1/15/21 12:39 PM, o1bigtenor wrote:
> On Fri, Jan 15, 2021 at 11:14 AM Gabriele Bulfon via Info
> <info@xxxxxxxxxxxxxxxxxx> wrote:
>> Hi, is there any possibility to have Cyrus Imap run some kind of two factor authentication?
>> Be it OTP or OAuth or anything else that will be supported by imap clients.
>>
> Greetings
>
> I am a 'rural' person and my stupid phone coverage is about a
> wonderful and likely as
> finding honest politicians. I have therefore become most vehemently
> anti any kind of
> authentication that necessitates the use of a 'stupid phone'. I would
> suggest that
> demanding the use of serious passwords would make the need for such more than
> one factor authentication much less likely.
>
> This may never be an issue for you but this is almost a daily problem
> here and the
> industry (computer) seems to believe otherwise therefore my interjecting!
multi-factor authentication does not immediately mean SMS.
And SMS is not the best extra factor
https://cacm.acm.org/magazines/2020/12/248798-security-analysis-of-sms-as-a-second-factor-of-authentication/fulltext
I have seen people use a phone call with "press 1" as the check.
There are the GoogleAuthenticator or Authy type systems.

The thing is that the mail readers would need to support MFA and I am
not sure what the state of that is these days.

I wonder if client certificates could be used to make sure the TLS links
are allowed only between authorized clients and the server?

>
> Regards

--
Alvin Starr || land: (647)478-6285
Netvel Inc. || Cell: (416)806-0133
alvin@xxxxxxxxxx ||


------------------------------------------
Cyrus: Info
Permalink: https://cyrus.topicbox.com/groups/info/T0cce10bfd349100c-M2ca22344caf410bdf07afb4f
Delivery options: https://cyrus.topicbox.com/groups/info/subscription


[Index of Archives]     [Cyrus SASL]     [Squirrel Mail]     [Asterisk PBX]     [Video For Linux]     [Photo]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux