Roundcube Community Forum

News and Announcements => General Discussion => Topic started by: Scorpion on June 12, 2019, 10:27:30 AM

Title: Does Roundcube allow 'Two Step Authentication'?
Post by: Scorpion on June 12, 2019, 10:27:30 AM
Is anyone able to point me in the direction of where I could go about installing some kind of 'Two Step Authentication' onto Roundcube's Webmail?

Assuming this is possible, is there also a way to create some kind of 'App Password' like Hotmail and Gmail does?  The reason for asking, is that I currently use a 3rd party Email Client to manage my Emails.  As such, I would need some kind of 'App Password', so that I do not need to enter such Codes into the Email Client every time I wish to access the emails.
Title: Re: Does Roundcube allow 'Two Step Authentication'?
Post by: JohnDoh on June 12, 2019, 01:40:03 PM
Roundcube's plugin API allows you to alter the login process and you can insert a 2FA step but that's only half of it. Before you can think about adding support into Roundcube you first need to add support for it to your IMAP server - making sure your "normal" password will only be accept if entered via Roundcube and adding support for app passwords.

Kolab have published a 2FA plugin which might give you some pointers on how to implement the roundcube parts https://git.kolab.org/diffusion/RPK/browse/master/plugins/kolab_2fa/
Title: Re: Does Roundcube allow 'Two Step Authentication'?
Post by: mwww on October 25, 2022, 09:53:45 AM
Rublon offers an open source Roundcube connector so that you can use 2FA with Mobile Push via mobile app, SMS and FIDO hardware tokens like YubiKeys: https://rublon.com/doc/roundcube/

The source code is on GitHub: https://github.com/Rublon/rublon-roundcube