At Koofr, we strive to provide users with as many features as possible, but safety and security are always at the top of our minds.
We already provide users with options to enable two-factor authentication (2FA) with their account and the use of the application-specific passwords for external applications that do not use our more secure API login. These applications mostly consist of rclone and WebDAV based connections.
We have advocated and suggested the use of application-specific passwords with all such applications instead of your main account password.
This not only prevents your account password from being leaked by a third party but also limits the access of any such application. The apps that use application-specific passwords cannot change the settings, email address or account password, or log into the Koofr web or mobile app.
On January 1, 2021, we are taking this a step further. Logging in with rclone and WebDAV will ONLY be possible with APPLICATION-SPECIFIC PASSWORDS.
Your main password will no longer work for these connections. We suggest you change your settings (if any) for any such application before the January 1st, 2021, to ensure all your connections continue working without interruptions.
If you are using our network drive feature and you enabled it in the Koofr desktop app or have already used the application-specific passwords when setting up your rclone and WebDAV connections, you do not need to do anything, everything will keep on working normally for you.
You can find help on how to create the application-specific passwords in our FAQ or in our video tutorial.
We know this change may cause you an inconvenience, but we believe it will greatly improve the safety of your Koofr account.
You can contact our support or write to our Reddit channel with any additional questions.
The Koofr team