Skip to Main Content
HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

ADD A NEW IDEA

Security

Showing 303

Password Security / Policy for Internet MUST track history for specified reuse

This capability is missing on the Internet side. Password policies everywhere now require that you cannot reuse past passwords for at least 'x' iterations. Security/Auditors/Risk people are demanding that we write something to ensure that browser ...
over 6 years ago in Domino / Security 0 Under Consideration

Ability to send trusted certificate list even if destination endpoint sends empty DN

Domino currently is designed to decline sending any certificate and requires the destination endpoint to send a list of trusted DN CAs. As per EXO "Exchange sends its certificate along with the certificate request to Domino. In our certificate req...
11 months ago in Domino / Security 1 Assessment

In the certstore.nsf, create user certificates or self-signed user certificates for client authentication

Certstore \ certmgr should use the CA process internet certificate to generate a certificate request and store the certificate for each person to use during browser authentication.
about 1 year ago in Domino / Security 1 Needs Review

Option to enable SMS OTP for Verse (web login)

Give an option to enable SMS OTP to login in HCL Verse or Webmail
over 1 year ago in Domino / Security 2 Already Exists

Encryption Database on server Automatically

Currently, the database on the server can not be encrypted in any way. The provision of database encryption on the databases on the server using 256-bit AES encryption should be given in Domino server so all new databases created on the server can...
over 1 year ago in Domino / Security 0 Assessment

HTTP Password Changes Timing Issues - AdminP - Domino Caching - etc.

HTTP Password Changes has many challenges as documented by HCL here: https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0024871 Other platforms have challenges, but not as severe as this. If Domino is going to be accepted as a r...
over 3 years ago in Domino / Security 2 Needs Review

TOTP (MFA) Scratch code - set expiry date and limit number of codes generated

When Scratch codes are generated for TOTP setup there are 10 codes generated with no expiry date and I have the following suggestions : 1) Add an "Scratch Code Expiry Time (hrs)" so administrators can set the code to expire for example after 48 ho...
over 3 years ago in Domino / Security 1 Needs Clarification

In DDM.nsf database Security - DB ACL probe should have option to exclude Templates from Database ACL monitoring.

Config a Security - Database ACL probe to run. For the 'Select one or more databases to probe' field, enter an asterisk to represent all databases. After the probe runs, review event docs generated in ddm.nsf --> Events are generated for both N...
over 4 years ago in Domino / Security 1 Under Consideration

DIIOP to enforce password expiration at login

As of now password expiration at login only works for Notes and HTTP authentication. We request to enable to password expiration also works for DIIOP protocol as well when creating session using NotesFactory.createSession.
almost 5 years ago in Domino / Security 0 Under Consideration

Log Copy on Database

Information in Domino Log database when someone have created local copy of database.
about 5 years ago in Domino / Security 4 No Plans to Implement