Two-factor authentication, app-specific password in K-9 mail

Hello everybody,

I set up TOTP and generated an app-specific password for K-9 mail. The
following error message turned up when I entered the password in K-9’s
configurations:

Command: *sensitive*, response: #2# [NO, authentication failed]

Anyone have an idea?

What other values are you entering?

smtp/imap/pop server: disroot.org
username: only your username and not username@disroot.org

This config works for me.

··· On Fri, 21 Jun 2019 23:48:15 +0200 cacambo wrote:


Notopygos
GnuPG Fingerprint: 1C24ED06365A6045C128A1C0FB0E532153076E7D

Yes this is also what I enter. With TOTP off and the normal account password, it works totally fine.
Apart from that, I use:
SSL/TLS
port 993
password, normal

From your original message,

I set up TOTP and generated an app-specific password for K-9 mail.

Where did you generate app-specific pass? In nextcloud? If yes then the
app password won’t work, nextcloud isn’t tied to your email account.
Your normal password should work fine in this case.

··· On Sat, 22 Jun 2019 15:04:20 +0200 cacambo wrote:


Notopygos
GnuPG Fingerprint: 1C24ED06365A6045C128A1C0FB0E532153076E7D

I generated it on the web, in the disroot security settings. So, not in nextcloud.

In the meanwhile, I’ve received an answer via e-mail:

OTP does not work on k9. This is because 2FA is not supported on IMAP/POP3 protocols which k9 utilizes. You need to use your disroot credentials when setting up k9 or any email client. 2FA implementation in webmail mail.disroot.org is rather cosmetic and does not prevent brute-force attacks via imap protocol. We are not happy about it and enabled it in the first place because many people requested it. 2FA in cloud, cloud.disroot.org does however make sense as it protects your files, calendars, contacts etc.

We hope in the future protocols like imap/pop3 will get proper support or hopefully we will find a clever way around it to support such feature (we have some ideas brewing already).

Hi, Sorry I somehow forgot to post this answer here.
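
Added example, not part of the thread and not Disroot's own tooling: because the reply quoted above says webmail 2FA does not stop brute-force attempts over IMAP, a mail operator would watch IMAP authentication failures instead. The log format, field names, thresholds and sample lines below are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Hypothetical log format, constructed for this example (not a real server's).
LINE_RE = re.compile(
    r"^(?P<ts>\S+) imap-login: (?P<result>auth failed|login ok) "
    r"user=<(?P<user>[^>]*)> rip=(?P<rip>\S+)$"
)

def find_bruteforce(lines, threshold=5, window=timedelta(minutes=5)):
    """Return {("ip"|"user", value): peak failure count inside one window}.

    Assumes lines arrive in chronological order, as in a log file.
    """
    recent = defaultdict(deque)  # key -> timestamps of recent failures
    flagged = {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or m["result"] != "auth failed":
            continue  # skip successes and lines that do not parse
        ts = datetime.fromisoformat(m["ts"])
        # Count per source IP and per account: attempts spread over many
        # addresses against one mailbox stay under any per-IP threshold.
        for key in (("ip", m["rip"]), ("user", m["user"].lower())):
            q = recent[key]
            q.append(ts)
            while ts - q[0] > window:
                q.popleft()  # forget failures older than the window
            if len(q) >= threshold:
                flagged[key] = max(flagged.get(key, 0), len(q))
    return flagged

def sample_log():
    """Constructed sample lines (documentation IP ranges, made-up users)."""
    fail = "2019-06-22T15:{:02d}:{:02d} imap-login: auth failed user=<{}> rip={}"
    out = [fail.format(0, i * 5, "alice", "203.0.113.7") for i in range(6)]
    out += [fail.format(10, i * 10, "bob", f"198.51.100.{10 + i}") for i in range(5)]
    out.append(fail.format(20, 0, "carol", "192.0.2.9"))  # one typo, then success
    out.append("2019-06-22T15:20:30 imap-login: login ok user=<carol> rip=192.0.2.9")
    return out

if __name__ == "__main__":
    for (kind, value), count in sorted(find_bruteforce(sample_log()).items()):
        print(f"{kind}={value}: {count} failed IMAP logins within 5 minutes")
```

The per-account key is what catches the second constructed case, where no single address reaches the threshold.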