[tor-bugs] #6986 [Flashproxy]: Set up two-factor auth and app-specific password for email registration helper

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Thu Sep 27 20:29:36 UTC 2012


#6986: Set up two-factor auth and app-specific password for email registration
helper
-------------------------+--------------------------------------------------
 Reporter:  dcf          |          Owner:  dcf  
     Type:  enhancement  |         Status:  new  
 Priority:  normal       |      Milestone:       
Component:  Flashproxy   |        Version:       
 Keywords:               |         Parent:  #6383
   Points:               |   Actualpoints:       
-------------------------+--------------------------------------------------
 Gmail has
 [https://support.google.com/accounts/bin/answer.py?hl=en&answer=185833
 "application-specific passwords"] that are intended to allow SMTP and IMAP
 programs to authenticate without using the main Gmail/Google Account
 password. For some reason, you can only set this up if you've enabled
 [https://support.google.com/accounts/bin/answer.py?hl=en&topic=1056283&answer=185839
 two-factor authentication].

 We should do this because
 1. We can keep the master Gmail password offline, and only allow the
 facilitator access to IMAP under a different password. A break-in on the
 facilitator would not, for example, allow the intruder to set a new Gmail
 forwarding rule.
 2. We can revoke/rotate the IMAP password independently of the master
 Gmail password.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6986>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

