Comment on Mailbox.org now has normal 2FA
LWD@lemm.ee 1 week ago
Okay, so for those of us using third party apps like Thunderbird, everything is done using app specific passwords, which is great
The new feature for Email App Passwords for external email programmes
But if this is a new feature, how did third party apps work before? Could people just not use them if they enabled 2FA?
GreatBlue@infosec.pub 1 week ago
Basically, yes, they couldn’t use them. The old 2FA had a really weird implementation…
20nat@feddit.it 1 week ago
This is just wrong, you used the main account password instead of an app password
Rogue1633@discuss.tchncs.de 1 week ago
You could use third party clients with 2FA enabled in the past (at least I could). I think I used my normal password for the clients, so no real 2FA on that side, but that’s no different from the new app specific passwords. IMAP doesn’t allow 2FA so every mail provider allowing third party clients essentially has a weak point with no 2FA there.