Authentication via POP3
10th June 2003
Authenticating users through a third party POP3 server (Python sample code provided) is a really interesting idea, but one that I don’t think could ever be used in the wild. Firstly, I haven’t the slightest idea what my POP3 password is as I tend to save it in my mail application and forget about it. Secondly (and more importantly) is trust: how many web sites do I trust enough to give them my email password whenever I log in?
That said, the author of the code snippet lists these and other weaknesses and seems to be suggesting that it would be best used in an intranet style environment, where it would allow web applications to authenticate using the company mail server thus avoiding administrators having to maintain multiple databases of user accounts.
More recent articles
- Highlights from my appearance on the Data Renegades podcast with CL Kao and Dori Wilson - 26th November 2025
- Claude Opus 4.5, and why evaluating new LLMs is increasingly difficult - 24th November 2025
- sqlite-utils 4.0a1 has several (minor) backwards incompatible changes - 24th November 2025