HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

Add a new idea Subscribe
Status No Plans to Implement
Workspace Domino
Categories Administration
Created by Guest
Created on Dec 10, 2019

RELATED IDEAS

Prevent login from another browser or machine when user session is already active from one client or browser

Currently Domino Server can allow logins from multiple clients/browsers with same user credentials.

There is a feature request to allow administrators to limit the login to single session, so that another session cannot be initiated from different machine/browser from same user credentials.

This Enhancement Request was submitted for Domino Server version 9.0.1.x, 10.0.x versions.

  • Attach files
  • Admin
    Thomas Hampel
    Reply
    |     Jan 19, 2023

    see OWASP Application Security Verification Standard (ASVS) 4.0.3

    Previously, based on ISO 27002 requirements, the ASVS has required blocking multiple simultaneous sessions. Blocking simultaneous sessions is no longer appropriate, not only as modern users have many devices or the app is an API without a browser session, but in most of these implementations, the last authenticator wins, which is often the attacker. https://owasp.org/www-project-application-security-verification-standard/

Copyright © 2023 HCL Technologies Limited