Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Security is one of our top concerns, and we're looking into different ways to make it as airtight as possible. We'll have more info on security before we launch.

At the moment, we're integrating through GMail through their API, so you can revoke access at any time, and we never see your password.



Hey, GMail doesn't have a public API does it? Could you tell us a bit about how you integrate with gmail, I thought they kept it pretty locked down?


You mean other than SMTP or POP? Those are both definitely public APIs.


And you can set separate passwords for various applications if you enable two-factor authorization.


Those also require your password, as far as I'm aware.


Baudehlo is correct. Gmail provides a SASL extension called XOAuth that allows you to authenticate IMAP/SMTP with OAuth tokens.


Well, that's cool.


Yes, you OAuth and then you can use IMAP with XOAUTH login.


but you must still store the emails in your own database correct? or do you never store them at all?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: