Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Postfix Authentication Method: is 'normal password' secure?
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
jhon987
Apprentice
Apprentice


Joined: 18 Nov 2013
Posts: 225

PostPosted: Mon Sep 18, 2017 2:06 pm    Post subject: Postfix Authentication Method: is 'normal password' secure? Reply with quote

A few months ago I finished building a new mail server, following Gentoo's virtual mail server guide (https://wiki.gentoo.org/wiki/Complete_Virtual_Mail_Server).
Now, I noticed that recent Gmail accounts are using authentication method called OAUTH2 whereas my mail server uses 'normal password'.

According to Wikipedia: "OAuth is an open standard for access delegation, commonly used as a way for Internet users to grant websites or applications access to their information on other websites but without giving them the passwords."
So it seems unnecessary for the simple needs I currently have which are receiving and sending mail via imap.
Nevertheless, I still wonder whether 'normal password' is the secure way to go, or is it that the guide is simply a bit outdated and maybe I should switch to a different method?

Edit: I connect via SSL/TLS of course
Back to top
View user's profile Send private message
Ant P.
Watchman
Watchman


Joined: 18 Apr 2009
Posts: 5589

PostPosted: Mon Sep 18, 2017 5:41 pm    Post subject: Reply with quote

OAuth2 only exists because website security in general is a trash fire. (Sufficiently complex) passwords over TLS are fine.
Back to top
View user's profile Send private message
jhon987
Apprentice
Apprentice


Joined: 18 Nov 2013
Posts: 225

PostPosted: Tue Sep 19, 2017 7:31 am    Post subject: Reply with quote

OK Thanks Ant
Back to top
View user's profile Send private message
chiefbag
Guru
Guru


Joined: 01 Oct 2010
Posts: 542
Location: The Kingdom

PostPosted: Tue Sep 19, 2017 9:10 am    Post subject: Reply with quote

On a side note if you use 2 step authentication on your GMail account you can generate separate "App Passwords" to allow the likes of Postfix access your GMail account.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum