Comment by magicalhippo
2 years ago
I would expect them to at a bare minimum encrypt it using a temporary public key before transmission, in case the TLS connection was MITM'ed, and I'd expect them to use those fancy hardware security modules (HSM) they have[1] to protect it on their side.
[1]: https://learn.microsoft.com/en-us/azure/key-vault/managed-hs...
It doesn't matter how well they protect it, they still have the credential, and they decrypt it in order to be able to use it, so for all intents and purposes, it's in the clear _for Microsoft_ (and whoever else manages to have access). This is not how it should be.
Obviously, and this is something they should communicate clearly.
But if they were to provide such a "service" I'd expect them to minimize exposure, including the steps I mentioned.
I was tired and forgot to add that they should first check if the IMAP server supports XOAUTH2, and in that case require that to be used.
Still not a great solution but at least not passing the password around.
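An added example (not from the commenter or from Microsoft) of the policy described above in Python: parse the IMAP CAPABILITY response, require AUTH=XOAUTH2 when it is offered, and refuse to forward a password otherwise. The sample capability lines are constructed, and `connect_with_policy` assumes a reachable host, a user name and an OAuth access token obtained elsewhere.

```python
import imaplib
from typing import Callable

# Constructed sample CAPABILITY responses (not captured from any real server).
CAP_WITH_OAUTH = b"* CAPABILITY IMAP4rev1 SASL-IR AUTH=PLAIN AUTH=XOAUTH2 UIDPLUS"
CAP_PASSWORD_ONLY = b"* CAPABILITY IMAP4rev1 STARTTLS AUTH=PLAIN LOGINDISABLED"


def parse_capabilities(line: bytes) -> set[str]:
    """Turn an untagged CAPABILITY response into a set of upper-cased tokens."""
    parts = line.decode("ascii", errors="replace").split()
    if len(parts) < 2 or parts[0] != "*" or parts[1].upper() != "CAPABILITY":
        raise ValueError("not an untagged CAPABILITY response")
    return {p.upper() for p in parts[2:]}


def choose_auth(caps: set[str]) -> str:
    """Policy from the comment: if the server offers XOAUTH2, require it;
    otherwise refuse rather than forwarding the user's password."""
    if "AUTH=XOAUTH2" in caps:
        return "XOAUTH2"
    return "REFUSE"


def xoauth2_initial_response(user: str, access_token: str) -> bytes:
    """Build the SASL XOAUTH2 client response: ^A-separated fields.
    imaplib base64-encodes this itself, so return the raw bytes."""
    return f"user={user}\x01auth=Bearer {access_token}\x01\x01".encode("utf-8")


def xoauth2_authobject(user: str, access_token: str) -> Callable[[bytes], bytes]:
    """Callable suitable for imaplib.IMAP4_SSL.authenticate('XOAUTH2', ...)."""
    return lambda _challenge: xoauth2_initial_response(user, access_token)


def connect_with_policy(host: str, user: str, access_token: str) -> imaplib.IMAP4_SSL:
    """Connect over TLS, read capabilities, and authenticate only via XOAUTH2.
    Assumes network access; the sample data above exercises the logic offline."""
    conn = imaplib.IMAP4_SSL(host)
    _typ, data = conn.capability()  # data[0] is the token list without the prefix
    caps = parse_capabilities(b"* CAPABILITY " + data[0])
    if choose_auth(caps) != "XOAUTH2":
        conn.logout()
        raise RuntimeError(f"{host} does not offer AUTH=XOAUTH2; not sending a password")
    conn.authenticate("XOAUTH2", xoauth2_authobject(user, access_token))
    return conn
```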