From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from nautica.notk.org (nautica.notk.org [91.121.71.147]) by hurricane.the-brannons.com (Postfix) with ESMTPS id 97B7D783A1 for ; Fri, 20 Jul 2018 20:39:04 -0700 (PDT) Received: by nautica.notk.org (Postfix, from userid 1001) id E7E4AC009; Sat, 21 Jul 2018 05:39:02 +0200 (CEST) Date: Sat, 21 Jul 2018 05:38:47 +0200 From: Dominique Martinet To: Karl Dahlke Cc: edbrowse-dev@edbrowse.org Subject: Re: [edbrowse-dev] Two Factor Message-ID: <20180721033847.GA1649@nautica> References: <20180620212828.eklhad@comcast.net> <20180721015513.GA18666@nautica> <20180620232406.eklhad@comcast.net> X-BeenThere: edbrowse-dev@edbrowse.org List-Id: Edbrowse Development List MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20180620232406.eklhad@comcast.net> User-Agent: Mutt/1.5.21 (2010-09-15) Karl Dahlke wrote on Fri, Jul 20, 2018: > Ok, so somehow you've made a separate imap password, how the hell is that any more secure than the password you use for your account? > Either way an email client is sending over a password. It's just a password. > This looks like bogus bull shit to me. It's a bit bull shit, but the advantage is that you can (should?) have one separate password for each computer / phone / campfire (for mail over smoke signal!); so that if your phone gets stolen you can disable that phone's password and create a new one. Also, the generated password will be more complicated than "passw0rd" (harder to guess than what most people would pick naturally) and doesn't give access to the main web account, so when adding these three points up it's arguably better on the grand scale - so that the password that's very often stored in plain text in a config file like our .ebrc will only give access to mails and not to google calendar or whatever it is people do with their gmail account. Can't say I can relate much to any of the arguments I just gave here, but I can understand that they would encourage people to do this. Now if they disable the old method though I'm not sure what we should do though, probably will have to spend a bit of time figuring why it thinks our browser is not supported... -- Dominique