[CLUE-Tech] Secure authentication POP/IMAP
Jeff Cann
j.cann at isuma.org
Fri Jun 4 15:55:40 MDT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Friday 04 June 2004 10:01 am, Angelo Bertolli wrote:
> Is POP/IMAP authentication usually secure? I guess when setting up my
> email client in Mozilla, I notice that it has both "use secure
> authentication" and "use secure connection" which I take to mean... that
> even if I am use the pop3s daemon, my authentication might NOT be secure?
Use secure connection means that your client is tunnelled through a secure
shell (SSH) connection. This means any information that goes between the
mail server and your mail client is encrypted and hard for anyone to eavsdrop
on your email contents. You can safely use an unencrypted password to login
to your mail server using a secure connection.
Use secure authentication means that the password you send to the client is
encrypted. This does not mean that the connection information is encrypted
(as above), but does mean that your email password is secure. This is one
way to secure your login but your email information is susceptable
(relatively unlikely) to snooping.
Whether or not you can use either of these depends on what your mail server
supports.
The mail server I administer uses secure connections but not secure
authentication.
HTH-
Jeff
- --
"Faith that does not affect a person's culture is a faith not fully embraced,
not entirely thought out, not faithfully lived."
- - Pope John Paul II
http://isuma.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQFAwO/gi4b9OApLCmoRAspDAJsEkHzwdBQJ/w2T3Pcw5N62DL9fdQCeMVuW
44ag1jsz4wh87ohKimhlKFI=
=dveq
-----END PGP SIGNATURE-----
More information about the clue-tech
mailing list