|
What authentication mechanisms are available?
|
|
1
|
135
|
30 July 2021
|
|
What audit information can be extracted in relation to login attempts?
|
|
1
|
133
|
30 July 2021
|
|
Is there a lockout process for user accounts?
|
|
1
|
146
|
30 July 2021
|
|
Does the solution use Role Based permissions/authorisation?
|
|
1
|
155
|
30 July 2021
|
|
Is the CRUD method for authorisation used (Create, Read, Update, Delete)?
|
|
1
|
184
|
30 July 2021
|
|
Does Alloy support connectors to other identity providers e.g. Facebook, LinkedIn, Yahoo?
|
|
1
|
111
|
30 July 2021
|
|
Are new passwords required to be different from previous?
|
|
1
|
140
|
30 July 2021
|
|
Does Alloy support Authentication through 3rd parties using SAML
|
|
1
|
107
|
30 July 2021
|
|
Is it possible to mix SSO and application username & password accounts?
|
|
1
|
138
|
30 July 2021
|
|
Does the solution integrate with Azure Active Directory?
|
|
1
|
111
|
30 July 2021
|
|
Are accounts deactivated if not used for an amount of time?
|
|
1
|
122
|
30 July 2021
|
|
When do sessions timeout for authenticated users?
|
|
1
|
134
|
30 July 2021
|
|
Does the solution support the reuse of the GoogleID/Azure ID via OAuth2/OpenID Connect?
|
|
1
|
169
|
30 July 2021
|
|
Are users shown that a failed login was a username or password that was incorrect?
|
|
1
|
121
|
30 July 2021
|
|
What is the password reset process?
|
|
1
|
128
|
30 July 2021
|
|
Is the password policy configurable?
|
|
1
|
142
|
30 July 2021
|
|
OWASP suggests methods of storing passwords, do you follow this methodology?
|
|
1
|
143
|
30 July 2021
|
|
Is there any authentication for API calls? i.e. OAuth2
|
|
1
|
146
|
30 July 2021
|