HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

Add a new idea Subscribe
Status Needs Review
Workspace Domino
Categories Security
Created by Guest
Created on Mar 27, 2025

RELATED IDEAS

Allow 2FA to use Email Only

We host systems that are used by customers who change companies all the time. Sometimes when they leave companies, we are not notified. Since people now take their BYOD phones with them, any MFA/2FA using SMS or Authenticator Apps can be used outside their company. This makes Domino's 2FA a security risk for us.

Since most companies cut off access to email upon termination, having 2FA able to be set to "ONLY Via Email" means that we can prevent users from starting at a new company and using their existing logins to our Domino platform to access data that is relevant to their old company.

  • Attach files
  • Guest
    Feb 25, 2026

    FYI - NIST SP 800-63b prohibits the use of email for 2FA:

    https://pages.nist.gov/800-63-FAQ/#q-b11

    "Q-B11:

    Is the use of email acceptable in two-factor authentication?

    A-B11:

    NIST SP 800-63B does not allow the use of email as a channel for single or multi-factor authentication processes. This is specified in Section 5.1.3.1, Out-of-Band Authenticators:

    [Authentication] methods that do not prove possession of a specific device, such as voice-over-IP (VOIP) or email, SHALL NOT be used for out-of-band authentication."

    Reply
  • Guest
    Apr 3, 2025

    We have the same issue. Additionally, some of our clients are prevented from using their mobile phones on site at their work place so the emailing the code would be the only option.

    Reply
                                    Copyright © 2025 HCLSoftware Limited