Skip to Main Content
HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

Status Under Consideration
Workspace Domino
Categories Security
Created by Guest
Created on Jan 28, 2021

MFA addtions - now that it is in 12 beta, some suggestions

Add MFA login option to "trust this computer for x days" where x is an admin setting configurable number of days from code being entered. This would allow a user to trust a browser and not be prompted every time they login to web applications. After x number of days the user is prompted to re-enter new MFA code.

Also give some thought about adding "trusted networks" (thinking internal subnets so something like 10.10.*.*, 192.168.67.*, etc) that can forgo the need for MFA completely.

  • Attach files
  • Guest
    Jul 2, 2021

    What would be the rationale of not asking for the second factor in a corporate LAN? Can't be security, IMHO.
    I would also be sceptical of the "trusted device" concept.

  • Guest
    Apr 7, 2021

    I don't think the LTPA token does what I suggested. The LTAP doesn't live between browser sessions. This "remember this device" idea would survive browser sessions on same browser and same device until the number of days expire.

    Or if in a "trusted network" (say the corporate LAN) it would never ask for MFA.

    This would mimic the behavior of Office365 MFA.

  • Admin
    Thomas Hampel
    Mar 4, 2021

    Isnt that exactly what the LtpaToken expiration time is used for ?


Add Trusted Device option to suppress MFA requirement for x days

It would be nice if there was the ability to allow Trusted Devices to prevent the use of MFA on a particular device for say 30 days (this should be configurable by the admin). There would also need to be a requirement to remove any existing truste...
about 3 years ago in Domino / Security 1 Under Consideration