• Votes

    3

    implement repository search order

    In an environment with multiple repositories, it should be possible to define a search order for the repository. The first match wins should be used for authentication. ...

  • Votes

    9

    Add a "password never expires" option for the local user repository

    We need this option for the local Admin Account. The local Admin Account's password expires as any other user account. Please add a "password never expires" option to the ...

  • Votes

    1

    Custom VOICE OTP Sender

    Hello, We will like to have the ability to use our own Voice OTP senders. Currently only Twilio is supported.

  • Votes

    1

    OTP Support Multiple Languages

    Hello, We want to be able to send SMS OTP in multiple languages. It will be great if we will be able to map a LDAP attribute for user proffered language, and the AAF ...

  • Votes

    2

    Support for code obfuscation

    The idea is to provide support for code obfuscation at the SDK for mobile app's. Mainly for commercial products like DexGuard. Some costumers has internal security ...

  • Votes

    16

    Synchronizing changes from mobile devices back to AAF server

    After deleting the smartphone authenticator, the template within the native application (NetIQ Advanced Authentication) is also deleted at the AAF start page (/Account, ...

  • Votes

    10

    Automatic Logout with countdown display

    To make sure that users do not leave their session unattended, an automatic logout, which you can optionally enable and set up a time interval (5, 10, 15) minutes as an ...

  • Votes

    7

    TOTP on Smartwatch

    Currently it is the case that the request for a TOTP via the smartphone also appears on a SmartWatch, but only as a message. It would be great if you could confirm the ...

  • Planned

    7

    Allow Windows Client (and Linux/Mac) to set locale in ...

    We have the need for certain Windows clients to have a specific locale set in the config.properties file. This should override the OS locale.

  • Votes

    6

    Use STARTTLS for LDAP-based repositories

    LDAP supports STARTTLS to encrypt communications using TLS. STARTTLS begins as a plaintext connection over the standard LDAP port (389), and that connection is then ...

  • Votes

    13

    Allow SSO from AFF to NAM

    It would be great to allow AFF SSO to NAM. The idea: having the AAF Client installed on a workstation and authenticate during the windows login to AFF. Then AAF ...

  • Votes

    10

    Ability for caching shared (linked) authenticators

    In reference to SR#101184179111 Today, AAF is not able to cache credentials on windows,linux, macos for users they are using shared (linked) authenticators. Please ...

  • Votes

    14

    Email notification when an authenticator is enrolled, modified, or ...

    When a user or help desk agent enrolls, modifies, or deletes a user's authenticator, there is no notification to the user of this activity. This means that users' ...

  • Votes

    5

    Using the Smartphone app push notification to Accept/Decline ...

    During enrollment, we don't have a notification of the enrollment process that is acknowledged by the user being enrolled. So far the methods we have assume that the ...

  • Votes

    3

    Provide option to disable the ability for the Enroll admin (Helpdesk) ...

    Currently a helpdesk admin can enroll/remove enrollments for his/her own user and some clients do see this as a potential risk. Could we perhaps have a policy, similar to ...

  • Votes

    7

    Add integration with Cisco VPN as part of the AAF documentation

    Similar to OpenVPN, we have done a few integrations between AAF and Cisco AnyConnect (VPN) so we could have these steps as part of the documentation for AAF and we could ...

  • Votes

    5

    Temporarily block user account after x failed attempts – when endpoint ...

    Feature: Being able to configure the system to temporarily block user account after x failed attempts (for instance account could be blocked for 30mn after 5 failed ...

  • Votes

    9

    Login screens should, per-computer + per-user, remember last Chain ...

    Windows/Mac/Linux Client login screens should, per-computer and per-user remember the last Chain successfully used to login/unlock that device by that user, highlighting ...

  • Votes

    4

    Allow Events to be configured to use a default repo (if desired) that ...

    For our linux clients we need the option to either have an event ignore the login options list of repositories and use a default repo set at the event level or we need ...

  • Votes

    3

    Do not show chains with Smartphone method when client does not have a ...

    Related to https://ideas.microfocus.com/MFI/advance-authentication/Idea/Detail/14402 Current situation: When offline OTP for Smartphone method is disabled and the user ...