Welcome to the mailbox.org user forum!

Mitigate IMAP's flaws

001 shared this idea 18 days ago

IMAP is a flawed protocol but I think Mailbox.org could still mitigate the risks to a degree.

1) Implement temporary application passwords which can be revoked. This means clients will not be storing and transmitting the Master Password in plain text.

2) Allow users to limit the number of concurrent connections/devices, with email notifications when an attempt to exceed the limitation occurs. This would be a clear indication of compromise.

3) Warn the user in absolutely clear terms when they enable Two-Factor Authentication that it does not work with IMAP and recommend that the user should disable IMAP.

4) Completely disable, nuke, remove the ability to disable Two-Factor Authentication via email 'forgot password link'. This is a fundamental security flaw in Mailbox.org which users have raised year after year and still no mitigation. An email link should never be capable of disabling 2FA.

In short, it's not safe to use IMAP, point 4 makes Mailbox.org IMAP particularly dangerous, and the security-conscious among us should disable IMAP altogether. However for the users who do choose to enable it, Mailbox.org should aim to provide some basic protective measures as suggested above.

The truth is that without a mobile app, Mailbox.org is only really private, secure, etc. if you only use ONLY the web app, all other services must be disabled. I expect most users do not use it this way, so Mailbox.org should endeavour to protect those users where possible.

Leave a Comment
Attach a file