Skip to Main Content
HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

Status Shipped
Workspace Domino
Categories Security
Created by Guest
Created on Nov 13, 2019

Support FIDO2 for Two-Factor Authentication in Nomad/Notes/Traveler/Web

FIDO2 enables users to leverage common devices to easily authenticate to online services in both mobile and desktop environments. The FIDO2 specifications are the World Wide Web Consortium’s (W3C) Web Authentication (WebAuthn) specification and FIDO Alliance’s corresponding Client-to-Authenticator Protocol (CTAP).

FIDO2 cryptographic login credentials are unique across every website, never leave the user’s device and are never stored on a server. This security model eliminates the risks of phishing, all forms of password theft and replay attacks.

Because FIDO cryptographic keys are unique for each internet site, they cannot be used to track users across sites. Plus, biometric data, when used, never leaves the user’s device.

Users unlock cryptographic login credentials with simple built-in methods such as fingerprint readers or cameras on their devices, or by leveraging easy-to-use FIDO security keys. Consumers can select the device that best fits their needs.

Websites can enable FIDO2 through a simple JavaScript API call that is supported across leading browsers and platforms on billions of devices consumers use every day.

Microsoft O365, Google and nearly everyone else in the industry supports FIDO2 for Authentication - as the Secure Groupware platform of choice, Domino should support this as well - HCL should become a member of the fido Alliance if not done yet. This applies also to DX and Connections.

  • Attach files
  • Guest
    Reply
    |
    Oct 26, 2023

    FIDO2 even allows passwordless authentication - i.e. username + FIDO2 Passkey (without password).

    This is still considered strong authentication.

    Please see merged idea.

  • Guest
    Reply
    |
    Oct 21, 2022

    This is a security enhancement that improves usability instead of hinders!

    GitHub using WebAuthn allows me to regularly use a fingerprint scanner as 2FA instead of email/sms/TOTP which is so much quicker!

  • Guest
    Reply
    |
    Jun 3, 2022

    Domino is a platform for customers who need data sovereignty.

    Support for FIDO2 seems a very natural fit for Domino, and may become the most secure and most attractive authentication method in the future.

    Please consider, that FIDO2 could also be used as a primary, passwordless login, as well as a 2nd factor.

5 MERGED

Support passwordless web authentication using FIDO2 Security Keys

Merged
This idea suggests, that Domino should add passwordless web authentication using Security Keys or Passkeys (e.g. FIDO2 / WebAuthn). Passwords have an inherent risk for phishing attacks, password re-use, password leakage etc. FIDO2 Passkeys are res...
over 1 year ago in Domino / Security 0 Shipped