To use Webmail SOGo, you have to log in with your login and password via the usual login page. Unfortunately, this simple procedure has one major disadvantage: the login page can easily be copied. If you are lured to such an identical-looking copy – only the web address is not https://mail.tu-chemnitz.de – the password you have entered falls into the wrong hands: a fairly easy ‘password theft’. The compromised TUC account is then used to send spam, access e-mail data or commit fraud. Unfortunately, this is not an imaginary scenario, but has happened several times.
We will therefore be replacing the SOGo login page with the Web Trust Centre login page from 31 March. This requires a second factor in addition to the password when logging in from the Internet – the six-digit code, which is renewed every 30 seconds (or similar procedures). This significantly reduces the risk. So in future, have your smartphone ready when you log in to webmail.
In addition to the security gain, there is also a convenience gain: If you are already logged in to the Web Trust Centre (e.g. by accessing OPAL websites), you can switch to Webmail without having to log in again. However, the duration of a webmail session is limited: After this time has expired – SOGo will then no longer respond – you will have to log in again by reloading the webmail web page.
Further protective measures for retrieving and sending e-mail without webmail (IMAP and SMTP) will follow in the course of the year.
Leave a Reply
You must be logged in to post a comment.