Skip to Main Content
HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

ADD A NEW IDEA

Security

Showing 298

Missing Secure Attribute in Encrypted Session (SSL) Cookie.

Hi Team, Regarding case no : CS0038809 - Require SSL protected communication HTTPS for single server session cookie As suggested by Melnicl(HCL PMR Team) we need to enable http only : false option in DOMRELAYSTATE cookies. we require this option t...
almost 5 years ago in Domino / Security 5 No Plans to Implement

The ability to delete certificates from a server's ID file especially for SAML enabled servers

Currently when creating a IdP Configuration document if the certificate name must be unique as the certificate is stored in the server's ID file, which is an issue when you wish to create new IdP configuration documents for the same server and wis...
over 5 years ago in Domino / Security 2 Under Consideration

New command to show the number of failed login attempts since last successful web login

Please add the possibility, to let the developer show the amount of login failures since the last successful web login to the the user. As this behaviour is well known in the web, it would improve security and transparence, if the user knows when ...
almost 6 years ago in Domino / Security 0 Under Consideration

Warn users when they are sending a message to a global group

Staff are currently warned if they click on Send on a message that has no subject line. It would be useful to warn people when they have selected an extremely large group to send an email to.
over 6 years ago in Domino / Security 3 Assessment

Automatically add "secure" flag to all cookies, when https is used

When a Domino server serves http requests through encrypted https, it should automatically add the " secure " flag to all cookies. There should be a global flag to enable/disable this feature. (default: enabled) In reality, most Domino servers wit...
about 1 year ago in Domino / Security 0 Needs Review

Force password change after next login checkbox

Please add a policy that forces the password to be changed at the next login. The policy should be immediately broadcast to all connected HCL Notes clients so that in case of a security problem, everyone is forced to use a new password. The settin...
over 1 year ago in Domino / Security 3 Under Consideration

Extend User Details / Activity table size in Notes Database properties

The database property / "User details" (the table with adds/reads/writes/updates, timestamp and ID) is a limited table which starts overwriting if there are too many entries. On heavily used databases, this table can start overwriting very soon, e...
over 3 years ago in Domino / Security 0 Under Consideration

Restrict access to Domino LDAP service on a Domino server by IP address

Domino native feature or configuration is needed to limit access to LDAP service on a Domino server by IP address, similar to what is available when controlling SMTPrelay access (by adding IP addresses to servers' configuration document where we c...
over 4 years ago in Domino / Security 1 Under Consideration

Domlog is not reliable for authenticated users

The Authenticated requests is not reliable if I do a basic auth get request against a domino server and write any username and any password this username shows up as an authenticated request. It would be good that we could rely on authenticated re...
over 5 years ago in Domino / Security 1 Under Consideration

Domino should support modern SMTP related protocols DANE, MTA-STS and TLS-RPT

Domino is a bit behind in implementing e-mail security protocols. While DMARC is waiting for implementation, new protocols are already around: DANE, MTA-STS and TLS-RPT. 1. DANE (DNS-Based Authentication of Named Entities) RFC 6698: The DNS-Based ...
about 1 month ago in Domino / Security 0 Needs Review