[tor-bugs] #6986 [Flashproxy]: Set up two-factor auth and app-specific password for email registration helper
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Thu Sep 27 20:29:36 UTC 2012
#6986: Set up two-factor auth and app-specific password for email registration
helper
-------------------------+--------------------------------------------------
Reporter: dcf | Owner: dcf
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Flashproxy | Version:
Keywords: | Parent: #6383
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Gmail has
[https://support.google.com/accounts/bin/answer.py?hl=en&answer=185833
"application-specific passwords"] that are intended to allow SMTP and IMAP
programs to authenticate without using the main Gmail/Google Account
password. For some reason, you can only set this up if you've enabled
[https://support.google.com/accounts/bin/answer.py?hl=en&topic=1056283&answer=185839
two-factor authentication].
We should do this because
1. we can keep the master Gmail password offline, and only allow the
facilitator access to IMAP under a different password. A breakin on the
facilitator would not, for example, allow the intruder to set a new Gmail
forwarding rule.
2. We can revoke/rotate the IMAP password independently of the master
Gmail password.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6986>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list