I meant using TOTP (app-based) two-factor authentication for securing your DNS p... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		ukoki on Nov 15, 2020 \| parent \| context \| favorite \| on: Don't use third party auth to sign in I meant using TOTP (app-based) two-factor authentication for securing your DNS provider and domain registrar accounts. The reason for not using SMS-based two-factor authentication is that it is not very secure https://techcrunch.com/2016/07/25/nist-declares-the-age-of-s... I'm not aware of two-factor authentication for SMTP or IMAP.

u801e on Nov 18, 2020 [–]

> I'm not aware of two-factor authentication for SMTP or IMAP.

This could be achieved using a client side TLS certificate along with a username and password. I know that Postfix and Dovecot support it.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact