Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Navigation

    Cloudron Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    App Passwords per mailbox

    Feature Requests
    3
    3
    45
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • marcusquinn
      marcusquinn last edited by marcusquinn

      When using an App Password for a Group mailbox, it effectively also could be used for access to the main user mailbox too.

      I'm not too sure on the best solution, perhaps app passwords per-mailbox?

      The point is that currently they could provide a false sense of security, especially if saved into a DB that doesn't store encrypted or the app passwords are shared for a group mailbox setup without realising they can provide access to any of that user's permitted mailboxes.

      Personal mailboxes are a high-value attack vector for their ability to then reset any passwords connected to that email, hence I think this needs a bit more thought.

      We're not here for a long time - but we are here for a good time :)
      Jersey/UK
      Work & Ecommerce Advice: https://brandlight.org
      Personal & Software Tips: https://marcusquinn.com

      atrilahiji 1 Reply Last reply Reply Quote 4
      • atrilahiji
        atrilahiji App Dev @marcusquinn last edited by

        @marcusquinn I think a good way to go about this is to keep the top level app passwords but add the ability to restrict them to specific apps/api endpoints/mailboxes one has access to.

        Owner of Lahiji Apps Consulting
        https://atrilahiji.dev/
        https://lahijiapps.dev/

        1 Reply Last reply Reply Quote 1
        • girish
          girish Staff last edited by

          I think this feature makes sense. Just like we can restrict app passwords to specific apps, we want to extend the functionality to restrict to specific mailboxes.

          1 Reply Last reply Reply Quote 3
          • First post
            Last post