Author Topic: One Time Password  (Read 6410 times)

Offline helmutkaufmann

One Time Password
« on: January 15, 2013, 07:54:23 AM »
Hi,

Is there an option to use One Time Passwords with Roundcube without having to install my own authentication server (as seems to be necessary with the OpenOTP plugin for Roundcube)? Should I have missed a posting, I'd appreciate being pointed to that posting.

Thanks a lot,
Helmut
« Last Edit: January 15, 2013, 07:56:00 AM by helmutkaufmann »

Offline SKaero

Re: One Time Password
« Reply #1 on: January 15, 2013, 02:10:30 PM »
Roundcube needs the IMAP account password to log in to the mail server, so a one time password system should be set up as part of the mail server authentication, not Roundcube. Alternatively, if you have no access to the mail server, you could make a Roundcube plugin do it, but it would be less secure.

Offline helmutkaufmann

Re: One Time Password
« Reply #2 on: January 16, 2013, 09:33:05 AM »
Hi,

That I understand... The solution to that would be - as I think you suggested - a login plugin that handles the authentication with OTP and then reads the IMAP credentials from, e.g., a database. I cannot pass these on along with the OTP credential, as anyone could just use it straight with the IMAP server.

So, no one has done something like this for RC?

Thanks a lot,
Helmut

Offline SKaero

Re: One Time Password
« Reply #3 on: January 16, 2013, 09:43:41 AM »
To my knowledge there isn't currently a plugin that does that, but I don't think it would be too hard to code.

Offline helmutkaufmann

Re: One Time Password
« Reply #4 on: January 16, 2013, 03:05:20 PM »
Thanks, folks!

If anyone is reading this some time in the future and implements it, please do post the plugin. I think it would be a real value add - especially for people on the road, who read email on somehow untrusted devices...

Best,
Helmut

Offline corbosman

Re: One Time Password
« Reply #5 on: February 05, 2013, 04:17:21 PM »
How do you read credentials from a database? Any serious authentication system does not have access to plaintext credentials, only one-way hashed passwords.

I have implemented an OTP system on Roundcube for our company. It's far from trivial. I had the system that does the OTP verification create a single sign-on (SSO) token for the webmail session, then return the SSO token to Roundcube, and in a plugin I replace the password with the SSO token. Our authentication backend behind IMAP can verify both passwords and SSO tokens.

An easier (but to me less safe) way to do it is to use Dovecot's master password option. Wouldn't be allowed in our company, but YMMV.

Cor
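
The arrangement described in the last reply (the OTP verifier issues an SSO token, the webmail plugin submits it in place of the password, and the backend behind IMAP accepts either a password or a token) can be sketched as below. This is an added example, not corbosman's code or an existing Roundcube plugin; the token format, the `sso:` prefix, the shared HMAC key, the lifetime and all function names are assumptions.

```python
import base64, hashlib, hmac, secrets, time

# Assumption: a key known only to the OTP verifier and the IMAP auth backend.
SSO_KEY = secrets.token_bytes(32)
TOKEN_TTL = 8 * 3600  # assumed webmail session lifetime, in seconds

def _hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed sample user store: one-way hashes only, no plaintext passwords.
_SALT = b"constructed-salt"
USERS = {"helmut@example.org": _hash_password("imap-password", _SALT)}

def issue_sso_token(user, now=None):
    """Called by the OTP verifier once the one-time password has checked out."""
    expires = int((now if now is not None else time.time()) + TOKEN_TTL)
    payload = f"{user}|{expires}|{secrets.token_hex(8)}".encode()
    mac = hmac.new(SSO_KEY, payload, hashlib.sha256).digest()
    return "sso:" + base64.urlsafe_b64encode(payload + mac).decode()

def verify_sso_token(user, token, now=None):
    """Check the MAC first, then that the token is for this user and unexpired."""
    try:
        raw = base64.urlsafe_b64decode(token[len("sso:"):])
        payload, mac = raw[:-32], raw[-32:]
        expected = hmac.new(SSO_KEY, payload, hashlib.sha256).digest()
        if not hmac.compare_digest(mac, expected):
            return False
        token_user, expires, _nonce = payload.decode().split("|")
    except (ValueError, UnicodeDecodeError):
        return False
    current = now if now is not None else time.time()
    return hmac.compare_digest(token_user.encode(), user.encode()) and current < int(expires)

def backend_authenticate(user, secret, now=None):
    """The backend behind IMAP: accepts either the password or an SSO token."""
    if secret.startswith("sso:"):
        return verify_sso_token(user, secret, now)
    stored = USERS.get(user)
    if stored is None:
        return False
    return hmac.compare_digest(stored, _hash_password(secret, _SALT))
```

The webmail side never stores or reads the user's real password here: it only holds a token that expires and is bound to one account, which is the property the master-password shortcut lacks.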