In a previous blog post, I have told you about our experimenting with TOTP-based two factor authentication. It proves functional in the Cockpit and in the Web Client, so we’re preparing the promotion to production.
Archive for October, 2017
A Stricter DMARC Policy, Part II
Last month, we let you know a stricter DMARC policy was being applied to Kolab Now infrastructure. With a primary aim to increase our reputation and decrease phishing attempts from clearly false senders, we’ve since learned about some secondary effects;
I Apologize for the Delay
If you’ve noticed our responses to support tickets or monitoring alerts is a little slower than usual, that’s because this is now the view from our office:
Journey to the Center of Kube: Sink
Kube is a client that allows you to work offline, so you can work no matter whether your train just entered a tunnel, you’re on board of a plane or you’re just too lazy to get up and ask for the free wifi password. One implication of this is that we have to deal with fair amounts of data.
Email tends to accumulate quickly, and it’s not uncommon to have mail folders that have somewhere between 40’000 and 200’000 emails in them, so we have to figure out a way to deal with that. At the core of Kube we therefore have Sink; the data-access and synchronization system.
Experimenting with TOTP Two Factor Authentication
We’re currently experimenting with an implementation of TOTP-based 2 factor authentication, allowing our customers to use a second factor.
Until now, Kolab Now required its users to supply a username and a password. This is considered only a single factor, since the username is your email address and thus known to third parties.
