28 Oct
2020
28 Oct
'20
12:57 a.m.
On Tue, 27 Oct 2020, Sebastian Nielsen wrote:
Kind of stupid that there doesn't exist some common standard for 2FA that works in email clients.
You can bodge it for HOTP/TOTP hardware token generators. Dovecot allows custom plugins to check passwords. The plugin can take passwords of the form {password}+{2fa-token}, then split each part to check against authentication systems to check validity.
Joseph Tam <jtam.home@gmail.com>