26 Apr
2025
26 Apr
'25
11:55 a.m.
Jeffrey Walton writes:
On Sat, Apr 26, 2025 at 7:57 AM Sam Varshavchik mrsam@courier-mta.com wrote:
A brief search finds several implementations of OTP on top of SASL. There's your MFA for SMTP, IMAP, and POP3. You're welcome.
From RFC 9051, Section 6.2.2. AUTHENTICATE Command, https://datatracker.ietf.org/doc/rfc9051/:
Note that the SASL framework allows for the creation of SASL mechanisms that support 2-factor authentication (2FA); however, none are fully ready to be recommended by this document.
RFC 9051 is IMAP, but the same applies to POP and SMTP.