From: Tomasz C. <ma...@wp...> - 2008-10-29 14:07:22
|
Chris Hilts schrieb: > Tomasz Chmielewski wrote: >> >> No, I would like to use exactly one password per session. >> >> And, as an alternative, it would be nice to be able to use the >> "original" password. >> >> >> Technically, it could look more or less like this: >> >> - login with a OTP >> - SquirrelMail (or some plugin) looks up the real password in the >> database, and connects to the IMAP server with that password >> >> A clear drawback is that the "real" password has to be probably stored >> in plain in a database. >> >> However, this is still much more secure than logging with the main >> password in some random internet cafe at the other end of the world, >> probably running all sorts of keyloggers etc... >> >> > > Ah, that's very different from what I had originally thought you meant. > Yes, this is doable, perhaps even as a plugin. I don't think anyone has > implemented it before now though. You handy with PHP? Could be a fun > project.. Not really. At least I don't think I would finish it before I leave for holiday ;) I think I'll just make password changes every day via cron (with specified passwords), maybe some simple web backend to change the pass ("use next password", pressed after the session is over), unless someone comes up with something better. -- Tomasz Chmielewski http://wpkg.org |