Skip to Main Content
HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

ADD A NEW IDEA

My subscriptions: Security

Showing 63

Adding CSRF protection in domino to prevent MIM attacks

In a MIM attack, the attacker essentially behaves like a proxy, by taking over an intermediate device, to the user/victim since he has to have access to the page the victim is sent in order for the attacker to alter the page and harvest the data f...
over 3 years ago in Domino / Security 1 Shipped

For security reasons, we need a way to prevent auto-forwarding to external. Only internal.

Currently Domino can prevent auto forwarding for Notes client rules, but this is all or nothing. For security reasons, we need a way to prevent auto-forwarding to external recipients on a server wide scale. Rule, Agent or Forwarding Address field ...
about 6 years ago in Domino / Security 1 Shipped

Use more kyr-files on Domino Web.Tasks

Currently Domino-Web-Tasks which use kyr-Files for security-reasons, only the first kyr-file (in alphabetical order) in the data-dir is used. regardless how many kyr (and sth-) files exist. At least one kyr-file for smtpand one for http would be h...
over 4 years ago in Domino / Security 1 Shipped

Request to have LTPAToken does not contain the user's authenticated name to prevent brute force attack.

As the technote below mentions, LTPAToken cookie contains the user's authenticated name encoded base64.That is, the attacker could crack the password by using a brute force attack. How secure is the Domino LtpaToken cookie?http://www.ibm.com/suppo...
over 5 years ago in Domino / Security 2 Shipped

Local database replica encryption

It is necessary to locally encrypt the database replica if the source database was locally encrypted
about 5 years ago in Domino / Administration / Security 2 Shipped

Inbuilt Mail security tool

Integrate inbulit email security tool for virus scans and other email threats.
about 6 years ago in Domino / Security 0 Shipped

Need to use Third party Internet certificate for sending singed mail to Notes users

We have a Internet certificate issued by third-party certifier for signing external mails.Need requirement where we can use this internet certificate to sign our internal mails instead of the normal notes keys?
over 5 years ago in Domino / Administration / Security 1 Shipped

Support for Enforce to Disable Notes Single Logon feature in Domino Admin

Hi Team, I would like to request to have a policy to Disable Notes Single Logon feature to all Notes Users via policy in the Domino Admin Client. So far, our workaround is to execute the command sc delete "IBM Notes Single Logon" or sc delete "L...
almost 6 years ago in Domino / Security 1 Shipped

V12 certmgr: When using DNS-01 with the command, the add and delete have the same status.

In the DNS provider configuration document, if you are using "Command" in [Type:] field, the response from the command should come back in JSON. The STATUS value of that JSON can be used in [Status formula]. However, since the same foumula is used...
over 3 years ago in Domino / Security 4 Shipped

Need options for Private keys to be imported via UI in Certificate Manager

By design today the only options to import private keys are available via server console. Need options for Private keys to be imported via UI in Domino Certificate Manager. Current the option is to run the command : − load certmgr -importkyr keyri...
over 3 years ago in Domino / Security 1 Shipped