Chris Hilts schrieb: (...) >> Real password could be used as a fallback. >> >> >> I've seen this in the development changelog, which could indicate that >> such functionality may exist: >> >> Added code that allows to use internal password functions in sqimap_login(). >> >> >> But not much more info. Anyone? >> >> >> > You said it yourself - every IMAP usage in SM is a new > connection/authentication. You want to get prompted to enter your OTP > every time you click Inbox, or a message? Not only would it be unusably > awkward, you'd run out of generated OTPs in a hurry. No, I would like to use exactly one password per session. And, as an alternative, it would be nice to be able to use the "original" password. Technically, it could look more or less like this: - login with a OTP - SquirrelMail (or some plugin) looks up the real password in the database, and connects to the IMAP server with that password A clear drawback is that the "real" password has to be probably stored in plain in a database. However, this is still much more secure than logging with the main password in some random internet cafe at the other end of the world, probably running all sorts of keyloggers etc... -- Tomasz Chmielewski http://wpkg.org ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ ----- squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
