The certificate technique may be a good path! I will investigate.
Gabriele
Sonicle S.r.l. : http://www.sonicle.com
eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets
----------------------------------------------------------------------------------
Da: Alvin Starr via Info <info@xxxxxxxxxxxxxxxxxx>
A: info@xxxxxxxxxxxxxxxxxx
Data: 15 gennaio 2021 19.41.46 CET
Oggetto: Re: two factor auth
On 1/15/21 12:39 PM, o1bigtenor wrote:
> On Fri, Jan 15, 2021 at 11:14 AM Gabriele Bulfon via Info
> <info@xxxxxxxxxxxxxxxxxx> wrote:
>> Hi, is there any possibility to have Cyrus Imap run some kind of two factor authentication?
>> Be it OTP or OAuth or anything else that will be supported by imap clients.
>>
> Greetings
>
> I am a 'rural' person and my stupid phone coverage is about a
> wonderful and likely as
> finding honest politicians. I have therefore become most vehemently
> anti any kind of
> authentication that necessitates the use of a 'stupid phone'. I would
> suggest that
> demanding the use of serious passwords would make the need for such more than
> one factor authentication much less likely.
>
> This may never be an issue for you but this is almost a daily problem
> here and the
> industry (computer) seems to believe otherwise therefore my interjecting!
multi-factor authentication does not immediately mean SMS.
And SMS is not the best extra factor
https://cacm.acm.org/magazines/2020/12/248798-security-analysis-of-sms-as-a-second-factor-of-authentication/fulltext
I have seen people use a phone call with "press 1" as the check.
There are the GoogleAuthenticator or Authy type systems.
The thing is that the mail readers would need to support MFA and I am
not sure what the state of that is these days.
I wonder if client certificates could be used to make sure the TLS links
are allowed only between authorized clients and the server?
>
> Regards
--
Alvin Starr || land: (647)478-6285
Netvel Inc. || Cell: (416)806-0133
alvin@xxxxxxxxxx ||
------------------------------------------
Cyrus: Info
Permalink: https://cyrus.topicbox.com/groups/info/T0cce10bfd349100c-M2ca22344caf410bdf07afb4f
Delivery options: https://cyrus.topicbox.com/groups/info/subscription