Release Support > Pending Issues

Different password for Roundcube and external IMAP/SMTP

(1/1)

Giu989:
Is it possible to have the Roundcube password, and the password that's used for IMAP and SMTP connections (such as when using a mail app), be different?
I would like to do this because I've set up 2 factor auth via a plugin on round cube, but this is essentially useless for the moment. But since the Roundcube password is the same as the IMAP/SMTP password, then someone with the password could access the emails anyway through a 3rd party mail app and bypass Roundcube.
Are there any instructions available as to how this could be done?
Thank you!

JohnDoh:
This is not something any client has control over it has to be setup on the server side. For example using Dovecot and storing users in SQL can create support for app passwords of multiple passwords for the same account and then only accept the primary password from specific sources (such as the webmail).

Giu989:

--- Quote from: JohnDoh on April 10, 2019, 03:09:13 AM ---This is not something any client has control over it has to be setup on the server side. For example using Dovecot and storing users in SQL can create support for app passwords of multiple passwords for the same account and then only accept the primary password from specific sources (such as the webmail).

--- End quote ---

That would be exactly what I need. Do you know of any tutorials where I could implement this?

JohnDoh:
not off the top of my head. may be this helps https://www.justinbuchanan.com/blog/post/2012/12/02/Application-Specific-Passwords-for-Dovecot-and-Postfix

Navigation

[0] Message Index