Authentication via POP3
10th June 2003
Authenticating users through a third party POP3 server (Python sample code provided) is a really interesting idea, but one that I don’t think could ever be used in the wild. Firstly, I haven’t the slightest idea what my POP3 password is as I tend to save it in my mail application and forget about it. Secondly (and more importantly) is trust: how many web sites do I trust enough to give them my email password whenever I log in?
That said, the author of the code snippet lists these and other weaknesses and seems to be suggesting that it would be best used in an intranet style environment, where it would allow web applications to authenticate using the company mail server thus avoiding administrators having to maintain multiple databases of user accounts.
More recent articles
- OpenAI's new open weight (Apache 2) models are really good - 5th August 2025
- ChatGPT agent's user-agent - 4th August 2025
- The ChatGPT sharing dialog demonstrates how difficult it is to design privacy preferences - 3rd August 2025