Roundcube Community Forum
News and Announcements => General Discussion => Topic started by: Scorpion on June 12, 2019, 10:27:30 AM
-
Is anyone able to point me in the direction of where I could go about installing some kind of 'Two Step Authentication' onto Roundcube's Webmail?
Assuming this is possible, is there also a way to create some kind of 'App Password' like Hotmail and Gmail does? The reason for asking, is that I currently use a 3rd party Email Client to manage my Emails. As such, I would need some kind of 'App Password', so that I do not need to enter such Codes into the Email Client every time I wish to access the emails.
-
Roundcube's plugin API allows you to alter the login process and you can insert a 2FA step but that's only half of it. Before you can think about adding support into Roundcube you first need to add support for it to your IMAP server - making sure your "normal" password will only be accept if entered via Roundcube and adding support for app passwords.
Kolab have published a 2FA plugin which might give you some pointers on how to implement the roundcube parts https://git.kolab.org/diffusion/RPK/browse/master/plugins/kolab_2fa/
-
Rublon offers an open source Roundcube connector so that you can use 2FA with Mobile Push via mobile app, SMS and FIDO hardware tokens like YubiKeys: https://rublon.com/doc/roundcube/
The source code is on GitHub: https://github.com/Rublon/rublon-roundcube