Skip to Main Content
HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

ADD A NEW IDEA

FILTER BY CATEGORY

My ideas: Security

Showing 236

Block users that dont have a smartcard enabled ID-file

Today it is possible for users to smartcard enable their own ID-file and then use the smartcard to login to the Notes environment. Make it possible to block users that dont have a smartcard-enabled ID. Or in some way force users that they must use...
about 1 year ago in Domino / Security 0 Under Consideration

Internet Lockout not per server, but per website or per domain.

When you have a clustered Domino backend for hosting websites or web-apps, and you have a loadbalancer in front of them......and internet lockout only occurs per server.....it's possible that you end up on another cluster-member and can continue t...
about 1 year ago in Domino / Security 2 Assessment

Force logout web mail users (i.e. Verse & iNotes)

Customer wants to apply a force logout to users whose accounts are compromised. Changing their password or restarting http task does not automatically logout the user. Waiting for token expiration could be risky if set for a long duration. Current...
about 1 year ago in Domino / Security 1 Under Consideration

Restrict the number of messages a single user can send in 24 hours to a maximum number of messages

Sometimes users are victims of clever phishing emails sent to them. Unfortunately this opens up the use of their valuable credentials to potential hackers. These hackers can then send email using their credentials. If Domino would have an internal...
about 1 year ago in Domino / Security 3 Under Consideration

SMTP Inbound Certificate validation

Today Domino accepts mail from hosts with any x.509 certificate. there is no verification. It's difficult to only allow mails from trusted certificates. But it would be important to have the information if the connection was coming from a connecti...
about 1 year ago in Domino / Security 0 Under Consideration

Restrict users from viewing person and server configurations in Domino Directory

Currently all users (with reader access) are able to access Person document > Basics/ Work/ Other/ Misc/ Certificates/ Roaming/ Administration tab. Can we restrict the users to only access to Basics tab for security best practice?By right, user...
about 1 year ago in Domino / Security 1 Under Consideration

Document Encryption / Decryption on the Web using Public or Private keys

As per product document secret key encryption/decryption feature on web is achievable using below link https://help.hcltechsw.com/dom_designer/9.0.1/user/wpd_encrypt_decrypt_xpages_overview.html However customer is looking for Public or Private ke...
about 1 year ago in Domino / Security 3 Under Consideration

Minimum Notes client version

It could be useful to specify minimum allowed notes client version to access Domino server. It could be specified by Domino configuration document and be overrideable by security policy (for particular users). It's implemented in V12 configuration...
about 1 year ago in Domino / Security 1 No Plans to Implement

Provide some way to find back password of root cert.id or change / reset it to a new one when forgetting the old password

The customer's old Domino Server administrator moved to another company, but did not tell the new administrator the password for the root cert.id used for this customer. The customer asked the HCL to provide some way find back the password or chan...
about 1 year ago in Domino / Security 3 No Plans to Implement

HTTP Cookie limit

When there are more than 4k worth of cookie data passed to Domino, Domino does not capture the information in the CGI variable HTTP_cookie.
about 1 year ago in Domino / Security 0 Under Consideration