Authenticator for the “LOGIN
” SASL mechanism. See Net::IMAP#authenticate
.
LOGIN
authentication sends the password in cleartext. RFC3501 encourages servers to disable cleartext authentication until after TLS has been negotiated. RFC8314 recommends TLS version 1.2 or greater be used for all traffic, and deprecate cleartext access ASAP. LOGIN
can be secured by TLS encryption.
The SASL mechanisms registry marks “LOGIN” as obsoleted in favor of “PLAIN”. It is included here for compatibility with existing servers. See draft-murchison-sasl-login for both specification and deprecation.