-
Votes
2
Smooth transition of authenticators: no need to re-enrolment when ...
This is future request . Migrate the authenticators for already enrolled users who are migrated from existing MS AD domain to the new MS AD domain without all those ...
Comments (1) | by: Tomasz S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
1
Time Shifting for Hard Token
We recently received a new batch of TOTP token from Vasco Go6 TOTP Type, noticed that we need to tune the Window Period into a bigger value to authenticate successfully. ...
Comments (1) | by: Kok Khai Y. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Votes
2
Automatically enroll BankId users
The BankId method is pretty useless if it's not possible to auto-enroll users with a predefined value of "personal id" in LDAP.
Comments (2) | by: Magnus A. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Votes
3
TOTP Enrollment with serial via public api
We would like to enroll hardware TOTP tokens via public API with unprivileged session, in combination with token serial plus first OTP. Request example: ...
Comments (0) | by: Marc R. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Votes
5
Temporarily block user account after x failed attempts – when endpoint ...
Feature: Being able to configure the system to temporarily block user account after x failed attempts (for instance account could be blocked for 30mn after 5 failed ...
Comments (0) | by: Jerome M. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
3
Allow more than one 'Windows Hello' method per user
We want to be able to use more than one 'Windows Hello' method per user. Some users have more than one computer with 'Windows Hello' capabilities and they want to ...
Comments (1) | by: Jerome M. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
2
Offline mode: Allow computer to fail open
Currently: If a user is offline, and if he has lost/broken one authenticator (if 2FA deployed with 'something you know' + 'something you have'), he can't login to his ...
Comments (0) | by: Jerome M. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
1
Syslog message when user account is locked by AAF application
It would be beneficial to have a syslog event generated when a user account is locked by AAF using the Lockout Policy. We created a Lockout Policy designed to lock a ...
Comments (0) | by: Jerome M. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
5
Allow for customization of labels when AD password is not sync
Typically, when you change your AD password, you have a message displayed after you successfully logon (OS or Mac Logon) which indicates: ‘"Enter password for sync". We ...
Comments (1) | by: Jerome M. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Votes
9
Add a "password never expires" option for the local user repository
We need this option for the local Admin Account. The local Admin Account's password expires as any other user account. Please add a "password never expires" option to the ...
Comments (0) | by: Christian B. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
3
implement repository search order
In an environment with multiple repositories, it should be possible to define a search order for the repository. The first match wins should be used for authentication. ...
Comments (6) | by: Christian B. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
5
Windows Client set default Domain in config.properties
Add an option to the Windows Client to set a default Domain in config.properties. Example: defaultDomain: DOMAINNAME Expected behaviour: The user types USERNAME (without ...
Comments (1) | by: Christian B. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
6
Support RADIUS Authentication Methods CHAP and MS-CHAP
Our IT-Security Department forbid the usage of PAP because of severe security issues. Please support at least MS-CHAP, otherwise we can't use the AA RADIUS for our ...
Comments (1) | by: Christian B. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Votes
3
Windows Client Debug Log logrotate
You can enable client debug logging by setting logenabled=true in the config.properties. But the logfiles will grow and grow. Please add an option to enable some kind ...
Comments (0) | by: Christian B. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
2
Support for code obfuscation
The idea is to provide support for code obfuscation at the SDK for mobile app's. Mainly for commercial products like DexGuard. Some costumers has internal security ...
Comments (0) | by: Jorge P. | over a year ago | Last activity over a year ago | Status changed over a year ago | Supported Platforms
-
Votes
3
Remove validation of phone numbers to check for "+"
For the users to use the SMS OTP, AA validates the phone number when the phone number does not exist and the user enters the phone number. This validation is is done for ...
Comments (1) | by: Rohit K. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
4
Dynamic SMS gateway
If there are more than one SMS gateways being used by an organization, there needs to be a dynamic configuration available for the same. The current example can if the ...
Comments (0) | by: Rohit K. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Votes
1
Enhance shared authenticators to allow RSA Tokens.
As stated in the online documentation, the list of authenticators that can be shared is currently limited to TOTP, HOTP, Password, Fingerprint, Card, and FIDO U2F. ...
Comments (0) | by: Don S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Supported Platforms
-
Votes
2
Add “SecureLogin” event to list of default events in Advanced ...
Advanced Authentication should include a generic event called “SecureLogin” in its list of default events. It would also be helpful if SecureLogin were to use this event ...
Comments (0) | by: Don S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Votes
2
Offline Help Doc
Some clients (US Federal) have systems that cannot access internet and need to see Offline Help Files. Cannot get to https://netiq.com/documentation/.
Comments (2) | by: Bryan W. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
Micro Focus Enhancement Requests Portal is moving. We are migrating the IDEAS from this site to the New Idea Exchange on May 6th. For more information on the new Idea Exchange please visit the Community FAQs.
We love to hear your ideas for improving Advanced Authentication framework.
