Skip to Main Content
HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

ADD A NEW IDEA

My ideas: Security

Showing 304

NSF_ENABLE_LARGE_ACL should also apply for roles and role name length

As of Domino V12, NSF_ENABLE_LARGE_ACL was introduced. The setting increases the number of individual entries in the ACL of an application. Unfortunately this does not apply to the number of role entries, which is still limited to 75. Pls. increas...
almost 4 years ago in Domino / Security 0 Under Consideration

Missing Secure Attribute in Encrypted Session (SSL) Cookie.

Hi Team, Regarding case no : CS0038809 - Require SSL protected communication HTTPS for single server session cookie As suggested by Melnicl(HCL PMR Team) we need to enable http only : false option in DOMRELAYSTATE cookies. we require this option t...
about 5 years ago in Domino / Security 5 No Plans to Implement

The ability to delete certificates from a server's ID file especially for SAML enabled servers

Currently when creating a IdP Configuration document if the certificate name must be unique as the certificate is stored in the server's ID file, which is an issue when you wish to create new IdP configuration documents for the same server and wis...
over 5 years ago in Domino / Security 2 Under Consideration

New command to show the number of failed login attempts since last successful web login

Please add the possibility, to let the developer show the amount of login failures since the last successful web login to the the user. As this behaviour is well known in the web, it would improve security and transparence, if the user knows when ...
about 6 years ago in Domino / Security 0 Under Consideration

Warn users when they are sending a message to a global group

Staff are currently warned if they click on Send on a message that has no subject line. It would be useful to warn people when they have selected an extremely large group to send an email to.
over 6 years ago in Domino / Security 3 Assessment

Automatically add "secure" flag to all cookies, when https is used

When a Domino server serves http requests through encrypted https, it should automatically add the " secure " flag to all cookies. There should be a global flag to enable/disable this feature. (default: enabled) In reality, most Domino servers wit...
about 1 year ago in Domino / Security 0 Needs Review

Force password change after next login checkbox

Please add a policy that forces the password to be changed at the next login. The policy should be immediately broadcast to all connected HCL Notes clients so that in case of a security problem, everyone is forced to use a new password. The settin...
over 1 year ago in Domino / Security 3 Under Consideration

Configure the Domino HTTP server to ignore "Authorization: Bearer" headers on Domino 12.0.2

This has always worked well in Domino 10, 11 and 12.0 but now HCL has implemented an option on the internet site to use a bearer token. The problem with this option is that you then need to configure an OIDC provider which is not well documentated...
almost 2 years ago in Domino / Security 3 Under Consideration

Extend User Details / Activity table size in Notes Database properties

The database property / "User details" (the table with adds/reads/writes/updates, timestamp and ID) is a limited table which starts overwriting if there are too many entries. On heavily used databases, this table can start overwriting very soon, e...
almost 4 years ago in Domino / Security 0 Under Consideration

Restrict access to Domino LDAP service on a Domino server by IP address

Domino native feature or configuration is needed to limit access to LDAP service on a Domino server by IP address, similar to what is available when controlling SMTPrelay access (by adding IP addresses to servers' configuration document where we c...
over 4 years ago in Domino / Security 1 Under Consideration