Security – Dovecot + Roundcube + One Time Password Authentification = Possible

roundcubeSecuritywebmail

As stated in the topic, I would like to install the dovecot imapserver, and enable web-access via the roundcube-client.
To heighten security when logging in from unsecure machines, I would like to login via One Time Passwords (e.g. OPIE).
Would that be possible?
Does anyone have experience implementing such a feature into to a webmail client?

Best Answer

This tutorial is a bit old, but should a good guide whatever two-factor auth system you choose. To get two-factor authentication working on linux, your best bet is to go through PAM. Point PAM to your two-factor auth server via pam-radius, pam-ldap etc.

http://www.wikidsystems.com/support/wikid-support-center/how-to/how-to-configure-webmail-for-wikid-strong-authentication/?searchterm=imap

There's also a feature request to allow SASL OTP in Roundcube.

hth

nick

Best Answer

Related Solutions

How to get RoundCube work with dovecot and postfix

Security – Our security auditor is an idiot. How to give him the information he wants

Related Topic