I've got a postfix+dovecot server. I use virtual mailboxes with mysql backend. I'm, checking for implementing 2 factor authentication. I see in dovecot auth.conf there is "otp" option. But I can't find the documentation explaining what method of OTP it uses. I would like to use google authenticator, but I should store the secret key somewhere and configure dovecot to use it. I have no problem on writing my own backend program for this if needed but I need some guide.
Asked
Active
Viewed 307 times
0
-
Before you chose how to change your server configuration, **check which methods can be made to work with the MUAs you are intending to use** - you might end up choosing to leave the complexity out of dovecot, and rather have clients pass a more or less opaque blob they got from an OATH2 website, and that identity portal website deals with the specifics of authentication. – anx Mar 23 '23 at 18:27
-
I would be using mainly outlook, thunderbird, and roundcube webmail. I am checking thunderbird (102.9.0) and I don't see oauth2 option. Only normal password, encrypted password, kerberos/gssapi and ntlm. – user3099887 Mar 24 '23 at 15:27