Jump to content

Stefan

Members
  • Content count

    16
  • Joined

  • Last visited

  1. I've found a tiny thing that bugs me a bit. On my installation I have set the "Activity grid" (recent activity listed under the password list) so only be visible for admins. When we get a new colleague, I always guide them to disable the charts on the right to free op estate on the screen. So the issue happens after a user unticks "Visible" in the Screen Settings. When they click save, the Activity grid becomes visible for that password list untill the next screen refresh. And this is even reproduceable by seleting "Visible" again and click save. Each time you click save after changing the visibility of the charts, the Activity grid is exposed for the current passwordlist. This is not a huge issue here. But this could potentially expose data that you don't want users to see. And worst of all, there's a high chance or me getting the "what's this" question.
  2. This is a bit related to an earlier request for variables in the subject field. Using default settings when logging in to the /mobile site, you get and e-mail with a pincode. I can't find a template for this e-mail, so I don't know how to customize this. In a perfect world, I would have the pin present in the subject field. Ig not there, at least in the first line in the body of the e-mail. This would make it easier for the users to read the pin on the mobile device instead of having to flip from the browser to email client where they need to actually open the mail, and then switch back to browser. On most phones today, having the pin in the subject or first line of body, would make it readable at a glance. The attached image shows how it looks today, requiring you to open the mail to see the pin.
  3. Nothing showed up searching for RADIUS. So here goes. With the introduction of RADIUS authentication, I'd like to suggest the support for a Challenge Response from the RADIUS server. This would allow use of several multifactor authentication solutions. In our case I'd like to be able to use SMS Passcode which we already use for other kinds of access. This product integrates well with both RADIUS and IIS. The ideal result would be that my external users will have to enter their AD credentials followed by a code sent by SMS and my internal users not having to use the SMS code. SMS Passcode can differentiate on this based on the IP the users is coming from. So the IP needs to be passed on the the RADIUS, but I'm assuming this is already the case.
×