Is multi factor authentication practical/feasible?

John Gateley dovecot at
Sun Jul 3 13:50:54 UTC 2022

On 7/3/22 8:31 AM, John Gateley wrote:
> The protocols were designed long before SAML and OIDC. SAML/OIDC give 
> you more control over authn/z
> and allow easily adding in MFA or other different types of auth. To do 
> this right, you'd need to extend
> the protocol to allow OIDC or SAML.

I did find this RFC - I haven't read it, but it applies directly:


More information about the dovecot mailing list