From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from nautica.notk.org (nautica.notk.org [91.121.71.147]) by hurricane.the-brannons.com (Postfix) with ESMTPS id CC8657AC26 for ; Sat, 21 Jul 2018 04:21:00 -0700 (PDT) Received: by nautica.notk.org (Postfix, from userid 1001) id EFB4BC009; Sat, 21 Jul 2018 13:20:58 +0200 (CEST) Date: Sat, 21 Jul 2018 13:20:43 +0200 From: Dominique Martinet To: Karl Dahlke Cc: edbrowse-dev@edbrowse.org Subject: Re: [edbrowse-dev] two factor, per device Message-ID: <20180721112043.GA13812@nautica> References: <20180621054446.eklhad@comcast.net> X-BeenThere: edbrowse-dev@edbrowse.org List-Id: Edbrowse Development List MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20180621054446.eklhad@comcast.net> User-Agent: Mutt/1.5.21 (2010-09-15) Karl Dahlke wrote on Sat, Jul 21, 2018: > You get an imap password, somehow, and you claim it is per device? How > is that possible? No, well, yes - the way they want it to work is you generate as many password as "apps" you want to use gmail with, so it's your "job" to generate one per device. More to the point, when you generate such a password it's given once and then there's no way to view it again, so unless you go find it in your .ebrc or somewhere you wrote it down it's probably easier for most people to make another one up when they need a second one. I doubt they'll forbid you to log in if you use the same one for multiple programs/devices though. > If password foobar gets you in to imap from mutt on your phone, it > will get you in on edbrowse on your desktop. Right, it's just a matter of user perspective. But my arguments from the previous mail stand: if you were a good boy and used a different password for each device, and one of them gets stolen, it's easy to revoke that one. If on the other hand you want to use the same generated password for everything then it's the same as before, like you say. -- Dominique