• Votes

    6

    Support for RSA's Next Token Mode

    RSA SecurID Access has Next Token Mode. This is where the user may be challenged to provide a second token code on their RSA keyfob after providing a first one due to ...

  • Votes

    1

    Enrollment portal messages

    Messages are easily missed because they are hidden since they appear in the upper right under built-in browser form fill capture tools. Unless the user is both very ...

  • Votes

    2

    Apply Advanced authentication by IP or wireless network (Windows ...

    Hi Our client asks if the second factor can be applied only to users who are out of the office. They have the NAAF client installed on their Surface equipment and they ...

  • Planned

    9

    Allow enroll admins the ability to unlock user accounts

    When a user is locked out according to the Lockout policy, it would be desirable for someone with enroll admin role to be able to unlock a user. Typically unlocking users ...

  • Votes

    7

    Validate correct password when saving repository settings

    Every time you adjust the settings of a repository, you are required to provide a password for the user you are connecting as however there is no check to see if the ...

  • Votes

    6

    Regenerate endpoint id and secret without having to delete and ...

    It would be convinenet to be able to regenerate an Endpoint's id and secret instead of the current process of having to delete the endpoint and re-creating it. When ...

  • Votes

    6

    Add the ability to restrict authentication to only managed devices

    Customer would like the ability to restrict mobile device (specifically Smartphone method) to ONLY devices that are currently being managed by an MDM solution. In this ...

  • Votes

    5

    Different set of security questions for different groups of users

    Currently when defining security questions, we define a set of questions applicable for the entire AA instance. It is desirable to have different sets of security ...

  • Votes

    4

    Configurable clean up limit to prevent the mass deletion of users as a ...

    Repositories will do a periodic sync. A user is deleted from an AA repository if they are not returned in the result set of a repository sync. Deleting a user from AA is ...

  • Votes

    3

    Configurable grace period before a user is deleted from AA due to not ...

    Repositories will do a periodic sync. A user is deleted from an AA repository if they are not returned in the result set of a repository sync. Deleting a user from AA is ...

  • Votes

    1

    Integrate in NAAF similar functionnality as eDirectory HOTP function

    Actually eDirectory offer a way to make 2 factor authentication using a simple LDAP bind. User concatenate their password with the HOTP code (mypassword123456). Some ...

  • Votes

    5

    Ability to rename Interface field names (Especially the Interfaces ...

    I have a customer that rolled out AAF for enterprise users with SMS and TOTP as their authentication mechanisms. On roll out they noticed that helpdesk started receiving ...

  • Votes

    6

    Configuration of Windows Client through command line arguments at ...

    The Windows Client must be configured/customized post installation through the config.properties file. For options where it makes sense, it would be beneficial to ...

  • Votes

    4

    Automatic linking of authenticators to like users

    This can be done in the Helpdesk portal but it would be nice to have the automatic linking of authenticators to like users. The criteria by which to define 'like users' ...

  • Votes

    10

    Audit logging of actions by Enroll Admins in the Helpdesk console

    All actions of Enroll Admins within the Helpdesk console should be logged -- information should include at least which authenticator for which user by a particular Enroll ...

  • Votes

    9

    Audit logging of configuration changes

    It would be beneficial to have an audit log of configuration changes (repositories, methods, chains, events, endpoints, etc.) to have some accountability and for ...

  • Votes

    4

    Simplified authentication in offline mode

    With AAF it is possible to configure a Simplified authentication "Last logon tracking options". "This policy helps you to automatically move to a simple chain that ...

  • Planned

    21

    Integrate AT citizen card ( Buergerkarte ) as authenticator

    the information around the citizen card are limited however you can have a look here: There are two options of the "Buergerkarte": As mobile ignatur and as Smart Card ...

  • Votes

    2

    Policy for Help desk Emergency Password.

    Have a Policy that will limit time of how long an Emergency Password can be set for or used. Currently you can create for many years. Max age of Emergency Password ...

  • Votes

    7

    AdminGUI “Endpoints” screen - Needs to allow Helpdesk/ENROLL ADMINS ...

    AdminGUI “Endpoints” screen - Needs to allow Helpdesk/ENROLL ADMINS role the ability to access this screen. Today they can only see user enrollments, but an equal part of ...