Skip to Main Content
HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

ADD A NEW IDEA

Security

Showing 288

Each protocol should have its own ACL

For a given server, there is no way to specify a subset of users allowed to connect to POP3, another subset of users allowed to use IMAP, etc. I need a way to restrict which users are allowed to use a specific protocol.
over 5 years ago in Domino / Security 0 Under Consideration

Rate limiting protections for Domino

An authentication endpoint without rate limiting protections can be susceptible to innumerable amounts of credential stuffing and eventual guessing of set of credentials used for authentication. API endpoints can also be used to attack further inf...
almost 2 years ago in Domino / Security 1 Needs Clarification

Capability to identify actual file format using attachment properties.

When users change the file extension ( .exe to .txt ) in Windows Explorer, Domino should have capability to identify actual file format using attachment properties.
over 5 years ago in Domino / Security 1 Under Consideration

User defined keystore for Domino

Currently, the Notes/Domino v9.x (same with newer versions) can only use the default JAVA trust keystore under Domino application server. The JAVA update overwrites this default keystore. Please add the option to set a custom,user defined keystore...
almost 2 years ago in Domino / Security 2 Needs Review

Control over the setting "don't let administrator set Domino web/internet password to match Notes password" via Domino policy.

Administrator should have control over the setting "don't let administrator set Domino web/internet password to match Notes password" via Domino policy.
about 2 years ago in Domino / Security 1 No Plans to Implement

Disabling local processes or external processes using the Domino Server

A way to disable executing local processes and commands on Domino using powershell, cmd, etc
about 2 years ago in Domino / Security 0 Planning to Implement

Wants to change the SAML URL which hard coded with /names.nsf?SAMLLogin

If SAML URL customization is the bussiness requirement so SAML URLshould be flexible which currently hard coded with /names.nsf?SAMLLogin
over 4 years ago in Domino / Security 2 Needs Clarification

Prompt for user content before configuring notes client.

This is to control & monitor user and admin activity in terms of account access. ( just want user consent before configuring notes client on behalf of the user.). Basically, customer have MFA for notes, but none for lotus notes client security...
over 2 years ago in Domino / Security 1 No Plans to Implement

Option to select whether the LTPAToken should be completely removed/or usable when session has been completely ended.

When enabling Session authentication across servers, the token issued by a server can still be used even after the session has been completely ended on the server and on the browser. If a user issues a request to the server using the same token, y...
over 2 years ago in Domino / Security 1 Under Consideration

Id Vault update with NSL enabled client

Customer requested that ID vault should be updated when NSL is enabled. They have policy to change windows password every 30 days and same need to be updated in ID vault .
over 4 years ago in Domino / Administration / Security 1 No Plans to Implement