Authenticated Post Office Protocol

What Does Authenticated Post Office Protocol Mean?

Authenticated Post Office Protocol (APOP) permits a client computer to retrieve email from a Post Office Protocol (POP) server while providing authentication technology that includes password encryption upon client receipt.


In standard POP, the username and password are in plain text whereas APOP encrypts them. The server that holds email is known as the POP server, so in APOP, clients leave email on servers in order to read them later. APOP does not provide services for sending email.

APOP is now an outdated method for mail authentication encryption and is not MIME-compatible. Newer technologies such as TLS have superseded APOP.

Techopedia Explains Authenticated Post Office Protocol

The POP3 is a one way only mail transport allowing a user to access mail and have it delivered over the internet. It is a receive-only service as far as the user is concerned. Simple Mail Transfer Protocol (SMTP) is generally used to send mail.

POP is primarily used for computers that don’t have a fixed network connection and thus need a post-office type of setup to hold email until users are ready to retrieve it. APOP is an extension of POP that adds more security. With regular POP, usernames and passwords can easily be intercepted on a network creating a serious security vulnerability. To combat this issue, APOP was developed and used alongside other encryption technologies such as TLS and SSL.

APOP encrypts the password and username before they are transmitted and decrypts them upon receipt. This makes hacking into email much more difficult.

APOP is older and less useful than Internet Message Access Protocol (IMAP) and its biggest disadvantage over IMAP is that the APOP email retrieval process is more arduous and less specified, and emails are not automatically categorized into certain orders such as when they were received. This disadvantage especially pertains to users sifting through large amounts of email within APOP.


Related Terms

Latest Cybersecurity Terms

Related Reading

Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…