I deployed a two-factor-authentication solution in
order to strength logon to our web applications. The majority of our users who have new tokens are also pop3/imap
users (this is from a long time ago).
However, I noticed web applications are well protected by 2FA , but
mail applications is an easy way to bypass any stronger authentication
How can I provide a stronger authentication method with pop3/imap services that doesn't support 2FA?