by gruez 1985 days ago
I guess that works, but it only really prevents surreptitious password collection. If you're in a position to do active attacks (e.g. MITM), you can just substitute their public key with your own.
2 comments

For sure, but it's at least possible for them to set up a honeypot to detect that.
Yeah that prevents mass surveillance but doesn't prevent targeted surveillance (think steam account with valuable skins).
The stakes are “we lost all the user passwords”. This is a problem that can occur if e.g. the POP is logging too many things. Preventing passive collection at POPs also prevents all sorts of footguns like these that can lead to a breach, it is smart security sense IMO.
You might be "only" admin of such a MITM box and can maybe only see/search the decrypted contents but not alter them.