Two factor authentication

Hey Josh and others,

Are there any plans for two factor authentication login in the near by future?


I started work on a branch (see github), but I don’t have any plans to wrap it up any time soon.


Oh cool, I like how you’ve started to implement 2-factor in both the admin interface and configuring Dovecot to auth against the API so that IMAP or whatever can support 2-factor too.

I wonder, are there any examples out there of a non-proprietary mail solution that supports 2-factor? Nowadays 2-factor is a no-brainer for an account as critical to security as your email account, but all the established open source mail software pre-dates that idea by many, many years.

I’m definitely for a 2 factor option as well & the codes work great based on google’s open source implementation.

Just thought I’d revisit this and inquire about this roundcube plugin that seems to be frequently downloaded, updated and on github for someone with knowledge to inspect & possibly incorporate.

Thanks again, @JoshData. My MailInABox is going strong and can’t see myself without it - your work here and the work you do as mentioned by John Oliver is appreciated.

@K87RRR6r6 Thanks. There’s no point to having 2FA enabled only for some services on the box and not others (SMTP, IMAP, the admin panel, and several others), so I don’t think a Roundcube plugin would add any security.

1 Like

Ah! Great point. Sorry I didn’t think through that.