2 Factor authentication for SMTP
Could we please add and enforce 2fa on SMTP connection pass+token? This would stop the possibility/ limit compromised pc and stolen password from being used. Which would also lower spam.
This would also not be a bad feature for IMAP and POP3.
Andrew Menard Pike
shared this idea
Hi Andrew,
We can add two factor authentication to the SMTP service, but since most email clients do not support it, users would be burdened with entering their password and a token every time the email client needs to login. It is my opinion that users are not going to want to do this. A much easier alternative, that is possible with the current version, would be to give each user account a longer password, MDaemon allows up to 72 characters when using non reversible password encryption. This doesn’t solve the problem, but it does make it much harder for passwords to be stolen. You can also enable location screening to restrict locations that are able to attempt to authenticate.