| Summary | Secondary authentication |
| Queue | Horde Base |
| Queue Version | Git master |
| Type | Enhancement |
| State | Rejected |
| Priority | 1. Low |
| Owners | |
| Requester | lameventanas (at) gmail (dot) com |
| Created | 06/05/2013 (4413 days ago) |
| Due | |
| Updated | 01/28/2016 (3446 days ago) |
| Assigned | |
| Resolved | 01/28/2016 (3446 days ago) |
| Milestone | |
| Patch | No |
New Attachment: horde-auth.pdf
backend password (eg: LDAP, IMAP) in an encrypted form. The
app-specific password is used as the encryption key. For safety
reasons, the app-specific password is not stored, only a hash of it.
There might be other ways to implement it safely, this is just an idea.
Please see the attachment.
and the applications (not to mention access to the IMAP server through
IMP). Using a different password for each application, or even just
for ActiveSync access would prevent authentication to at least some of
the data that is needed.
Please see this:
https://support.google.com/accounts/answer/185833
And a video explaining it:
http://www.youtube.com/watch?v=zMabEyrtPRg&t=2m13s
It is possible to implement this independently of Horde (eg: for email
it could be done in the imap server), but we need support for SyncML
and Activesync, and also a Horde module for the password management.
State ⇒ Feedback
authentication different that Horde's. How is what you are asking for
different than this?
Priority ⇒ 1. Low
Type ⇒ Enhancement
Summary ⇒ Secondary authentcation
Queue ⇒ Horde Base
Milestone ⇒
Patch ⇒ No
State ⇒ New
for different parts of Horde.
For example, I could have my normal authentication to use every
function in Horde, IMP, etc. And then a secondary one that only works
to synchronize my cellphone over SyncML, or possibly for other things.
That way if my secondary password is compromised the damage is limited.
I think google has a similar system.