|
What audit information can be extracted in relation to login attempts?
|
|
1
|
51
|
30 July 2021
|
|
Is there a lockout process for user accounts?
|
|
1
|
43
|
30 July 2021
|
|
Does the solution use Role Based permissions/authorisation?
|
|
1
|
38
|
30 July 2021
|
|
Is the CRUD method for authorisation used (Create, Read, Update, Delete)?
|
|
1
|
43
|
30 July 2021
|
|
Does Alloy support connectors to other identity providers e.g. Facebook, LinkedIn, Yahoo?
|
|
1
|
37
|
30 July 2021
|
|
Are new passwords required to be different from previous?
|
|
1
|
43
|
30 July 2021
|
|
Does Alloy support Authentication through 3rd parties using SAML
|
|
1
|
40
|
30 July 2021
|
|
Is it possible to mix SSO and application username & password accounts?
|
|
1
|
36
|
30 July 2021
|
|
What authentication mechanisms are available?
|
|
1
|
53
|
30 July 2021
|
|
Does the solution integrate with Azure Active Directory?
|
|
1
|
42
|
30 July 2021
|
|
Are accounts deactivated if not used for an amount of time?
|
|
1
|
35
|
30 July 2021
|
|
When do sessions timeout for authenticated users?
|
|
1
|
43
|
30 July 2021
|
|
Does the solution support the reuse of the GoogleID/Azure ID via OAuth2/OpenID Connect?
|
|
1
|
53
|
30 July 2021
|
|
Are users shown that a failed login was a username or password that was incorrect?
|
|
1
|
33
|
30 July 2021
|
|
What is the password reset process?
|
|
1
|
40
|
30 July 2021
|
|
Is the password policy configurable?
|
|
1
|
37
|
30 July 2021
|
|
OWASP suggests methods of storing passwords, do you follow this methodology?
|
|
1
|
43
|
30 July 2021
|
|
Is there any authentication for API calls? i.e. OAuth2
|
|
1
|
50
|
30 July 2021
|