On Sat, Apr 26, 2025 at 7:57 AM Sam Varshavchik <mr...@courier-mta.com> wrote: > > Jeffrey Walton writes: > > > One of the most important reasons I use Gmail is because it supports > > multi-factor authentication (mfa). MFA is great at helping keeping an > > account secure. Consider, the IETF has never updated SMPT, IMAP or POP > > to include MFA workflows. > > Neither SMTP, or IMAP, or POP3, will ever "include MFA workflows" for the > same reason that, say, a recipe for a strawberry shortcake will never > include jalapeno peppers: it does not belong there. All three protocols > implement SASL, and that's as far as they go, or should go. > > A brief search finds several implementations of OTP on top of SASL. There's > your MFA for SMTP, IMAP, and POP3. You're welcome.
From RFC 9051, Section 6.2.2. AUTHENTICATE Command, <https://datatracker.ietf.org/doc/rfc9051/>: Note that the SASL framework allows for the creation of SASL mechanisms that support 2-factor authentication (2FA); however, none are fully ready to be recommended by this document. Jeff -- _______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
