Skip to Main Content
HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

ADD A NEW IDEA

My ideas: Security

Showing 300

Evolve management of Java Security Policy on Domino Server

Domino mandates java security controls to avoid code from performing privileged operation. Control of policies is defined by java.policy files. This is a burden for customer, partners and admins. The proposal is to implement a new Java policy prov...
over 3 years ago in Domino / Security 0 Under Consideration

Installing Domino Utility Server in the AD domain controller for AD Password Sync

Installing Domino Utility Server in the AD domain controller is required for AD password sync, but this is a security risk as third-party softwares should not be installed in the AD domain controller.
over 3 years ago in Domino / Security 3 No Plans to Implement

Integrate SafeLinx and Domino MFA/2FA/TOTP implementation

SafeLinx is able to to provide MFA <https://help.hcltechsw.com/safelinx/1.2/adminguide/using_radius_authentication_profiles.html> and Domino 12 now also has MFA functionality <https://help.hcltechsw.com/domino/12.0.0/admin/conf_totp_overv...
over 3 years ago in Domino / Security 0 Assessment

Option for the user to choose whether they want to set TOTP or not

Just like in other mail applications (i.e. gmail/yahoo), the user should have the ability to choose whether or not to enable TOTP. Currently, it seems the only choice is to have it enabled on the server side which applies for all (yes with TOTP op...
over 3 years ago in Domino / Security 8 Under Consideration

Option to force Https while using @urlopen code with computed Url and relative path.

There are requirements when domino server is behind the SSL offloader and domino serer is not SSL enabled. If there are @urlopen code used with computed Url and relative path. Domino is adding by default http with the server FQDN , So this code is...
over 3 years ago in Domino / Security 1 No Plans to Implement

Improve $$LoginUserFormMFA so that it only shows Username & Password fields

I think it would be a lot prettier if the new MFA login form only displayed the Username and Password fields and then on submission you were then prompted separately for the TOTP/MFA code (if required). The new prompt for TOTP/MFA code could then ...
over 3 years ago in Domino / Security 1 Needs Review

Let us choose the attributes for authentication in webapplications like we can in Websphere/Connections: uid;cn;mail

We can now only set this into 2 options: Lower and Higher security which contains several attributes each. We would like to choose the attribute(s) for authenticating into Domino webapps. The 2 options is not good when you want to logon using shor...
over 3 years ago in Domino / Security 2 Under Consideration

Add a blanket grant for the XPages JVM to the default java.policy file

I just lost two days, just to find out that our RuntimePermission exception (getClassLoader) in Java is caused by a missing setting in a java.policy file, somewhere deep in the Domino tree. In the end, after trying several different settings, the ...
over 3 years ago in Domino / Security 3 Under Consideration

Do not overwrite ACL log when pasting an ACL

When doing a copy & paste of an entire ACL also the ACL log gets copied. My expectation was that the target ACL log would not be copied over, the ACL log should only be updated. This is just a suggestion to change the design in such a way t...
over 3 years ago in Domino / Security 2 Assessment

TOTP (MFA) Scratch code - set expiry date and limit number of codes generated

When Scratch codes are generated for TOTP setup there are 10 codes generated with no expiry date and I have the following suggestions : 1) Add an "Scratch Code Expiry Time (hrs)" so administrators can set the code to expire for example after 48 ho...
over 3 years ago in Domino / Security 1 Needs Clarification