-
Planned
23
Offline emergency password
Requested: Several customers The idea behind this is an emergency situation. For example: Company XYZ will be facing an audit, so they are establishing a 2FA for all ...
Comments (11) | by: Daniel S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
15
Kiosk Mode
Customer is working with generic system accounts that are used by multiple employees. As AAF is not able to enroll multiple otp-/uwf-tokens/cards this will not work with ...
Comments (15) | by: Hauke B. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
14
Email notification when an authenticator is enrolled, modified, or ...
When a user or help desk agent enrolls, modifies, or deletes a user's authenticator, there is no notification to the user of this activity. This means that users' ...
Comments (2) | by: Tim S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Planned
14
Smartphone Method push message
Allow the customization of the push authentication message used on the Smartphone method. Currently the message has information like IP and username that some customers ...
Comments (1) | by: Hugo D. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
13
Windows Client Login offline Master token
When we install the Windows Client on a device, we can enable the Offline login to permit the user to access their computer when they do not have access to internet. ...
Comments (3) | by: Hugo D. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Planned
12
Allow the AAF smartphone app to acceptance requests from the locked ...
Allow the AAF smartphone app to acceptance requests from the locked phone screen
Comments (2) | by: brian r. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
11
Better Health Check
We desire the ability for web servers to have their health checked regularly to see if they can process authentication attempts. If not, the web server should be disabled ...
Comments (1) | by: Dennis R. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Planned
11
authenticator sharing
Allow a shared authenticator to be used regardless of whether or not the the account it is shared with has the same authenticator enrolled or not. For example, if a ...
Comments (3) | by: Dennis R. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
10
Audit logging of actions by Enroll Admins in the Helpdesk console
All actions of Enroll Admins within the Helpdesk console should be logged -- information should include at least which authenticator for which user by a particular Enroll ...
Comments (3) | by: Tim S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
10
SMS-OTP Authenticator allows letters and special characters in the ...
Currently, users can also enter letters and special characters in the phone number input field. This of course leads to the fact that the telephone numbers cannot be ...
Comments (1) | by: Hilmi Koray T. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
9
Windows local user password change using Forgotten Password ...
Using forgotten password service ( over forgotten password link) with AAF Client version allows change password for Cached and Network password only in the first ...
Comments (0) | by: Aleksejs P. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
9
RISK Engine only show single chain based on RISK level
Currently with RISK if a user is "LOW" RISK they see 3 Chains to select. Would like to have ability to only show the single chain based on RISK. When the user is LOW ...
Comments (4) | by: Kevin P. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
9
Login screens should, per-computer + per-user, remember last Chain ...
Windows/Mac/Linux Client login screens should, per-computer and per-user remember the last Chain successfully used to login/unlock that device by that user, highlighting ...
Comments (1) | by: Stefan E. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
8
IPv6 support
We are running in a dual stack environment and we need AAF as a product to support IPv6 in addition to IPv4.
Comments (0) | by: Tim S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Planned
8
Extend Radius server by PEAP support
Currently Radius server supports only PAP while new (esp. mobile) devices use PEAP. It's the reason customers may not use AA for Radius & mobile device combination and ...
Comments (1) | by: Dariusz L. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
7
Support FIDO 2 for Windows Authentication
AAF supports only FIDO2 for webauthentication. Please add support for FIDO2 authentication in the windows login.
Comments (1) | by: Kevin S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
6
ability to disable biometrics or pin requirement on smartphone method ...
Currently the require pin and require biometrics are set to true by default and when you set these to false this only allows users to disable this on there phone but it ...
Comments (1) | by: brian r. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
5
Use the NetIQ iOS app to generate one time passwords from a YubiKey ...
We would like it if the NetIQ implemented the Yubico iOS SDK so that our users could use a single app for the smartphone method and also to get YubiKey one time ...
Comments (0) | by: Tim S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
5
device service should give error that bluetooth is not present
The device service should give an error message if bluetooth device is not present like the device service does when a card reader is not present. Otherwise when a user ...
Comments (0) | by: brian r. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
5
Brute force / BOT Attack and Data leakage Prevention
A change in authentication flow can help prevent brute force bot attacks: 1. Information leakage - valid usernames & passwords discovery 2. User lockout due to bad ...
Comments (3) | by: Paul M. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
Micro Focus Enhancement Requests Portal is moving. We are migrating the IDEAS from this site to the New Idea Exchange on May 6th. For more information on the new Idea Exchange please visit the Community FAQs.
We love to hear your ideas for improving Advanced Authentication framework.
