search for: onetimepassword

...we cannot stop Thunderbird from sending a username/passowrd-combination we compare the username from the certificate with the username Thunderbird has sent. If the usernames matches we allow access and ignore the password. 3) if the client did not sent a client certificate we calculate the current OneTimePassword of the users OTP-token and compare that with the password Thunderbird has sent. If the passwords matches we allow access. If a OTP-password was validated it can be used for 24 hours so our OTP-users must use their tokens only once a day. Now we would like to switch from POP3 to IMAP, so here are m...