Authentication via POP3
10th June 2003
Authenticating users through a third party POP3 server (Python sample code provided) is a really interesting idea, but one that I don’t think could ever be used in the wild. Firstly, I haven’t the slightest idea what my POP3 password is as I tend to save it in my mail application and forget about it. Secondly (and more importantly) is trust: how many web sites do I trust enough to give them my email password whenever I log in?
That said, the author of the code snippet lists these and other weaknesses and seems to be suggesting that it would be best used in an intranet style environment, where it would allow web applications to authenticate using the company mail server thus avoiding administrators having to maintain multiple databases of user accounts.
More recent articles
- My AI/LLM predictions for the next 1, 3 and 6 years, for Oxide and Friends - 10th January 2025
- Weeknotes: Starting 2025 a little slow - 4th January 2025
- I still don't think companies serve you ads based on spying through your microphone - 2nd January 2025