A one-time password (OTP) is a password that is only valid for a single login session. This is very useful for a webmail client when it is used in an unsafe environment. To use a OTP the user must know the current sequence number. For a terminal login the sequence number is displayed by the login program, a webmail client must also be able to give this information to the user. An easy solution is here given:
SquirrelMail displays the error response from IMAP server, that contains the OTP sequence number, to the user. When the user does not know the sequence number, he can try to login with his name and an arbitrary password and the error message will contain the sequence number. With this number he can determine the right password and login again.
The attached patch implements the display of error response from IMAP server. With current dovecot server the use of One-Time Passwords is possible. There is only an operating system dependent PAM configuration necessary.