Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RFE: Let me limit the mails I can see when logging in from an untrusted location #32

Closed
mss opened this issue Aug 3, 2013 · 1 comment
Closed

RFE: Let me limit the mails I can see when logging in from an untrusted location #32

mss opened this issue Aug 3, 2013 · 1 comment
Labels
Discussions Privacy / Security
Milestone
Ideas - Code

Comments

@mss
Copy link

mss commented Aug 3, 2013

As requested here, this is my feature request which would make Mailpile make me feel a lot better when have to read my mail from some location I don't trust. A typical example is that I have to use an untrusted machine in an internet cafe somewhere in the middle of nowhere (no Wifi, can't use my notebook) to confirm a last minute mail. Or to tell my people that my other devices were stolen.

I call this the Vacation Mode: If I log in and Vacation Mode gets activated, I have a (configurable) limited view on my mails. For example, only the last 30 days of my inbox, no archive folders.

How could this mode be activated? From the top of my head I can imagine a few possibilities:

  • The GeoIP database says I'm somewhere else where I wasn't yesterday.
  • I have a special vacation password.
  • I can generate a list of one time passwords (ie. TANs) which I carry around with me and which I have to type in on top of that vacation password (I guess this is a separate RFE).
  • I logged in but didn't have the second element of my two factor authentication (because somebody stole my phone with the generator).
@uktu
Copy link

uktu commented Oct 14, 2013

@mss That's a great idea! Options 2 and 3 (special passwords) offer a user lots of flexibility in how "safe mode" is used.

@brennannovak Here are some possible configuration options:

Settings (Safe Mode)

Display all emails since (select one)
o Previous login
o Previous ------ days
o Fixed date: Now or -- -- -- (specify date)

Filters (optional)
Only include emails satisfying filter ------
Do not include emails satisfying filter ------

The purpose of the filter options is to ensure that e.g.

  1. Personal emails don't show up at work.
  2. Emails of interest to a given country's government don't show up when you're using a computer in that country.
  3. Only those emails you are specifically waiting for show up when you are on an untrusted computer.

Together, these options are sufficient to provide fine-grained control over stored email access, in a way that permits content segmentation and enhances security without requiring a user to establish multiple email addresses for different uses.

@BjarniRunar BjarniRunar added this to the Ideas - Code milestone Sep 4, 2014
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Discussions Privacy / Security
Projects
None yet
Milestone
Ideas - Code
Development

No branches or pull requests
3 participants
@mss @BjarniRunar @uktu