What audit information can be extracted in relation to login attempts?
|
|
1
|
109
|
30 July 2021
|
Is there a lockout process for user accounts?
|
|
1
|
84
|
30 July 2021
|
Does the solution use Role Based permissions/authorisation?
|
|
1
|
95
|
30 July 2021
|
Is the CRUD method for authorisation used (Create, Read, Update, Delete)?
|
|
1
|
103
|
30 July 2021
|
Does Alloy support connectors to other identity providers e.g. Facebook, LinkedIn, Yahoo?
|
|
1
|
76
|
30 July 2021
|
Are new passwords required to be different from previous?
|
|
1
|
90
|
30 July 2021
|
Does Alloy support Authentication through 3rd parties using SAML
|
|
1
|
78
|
30 July 2021
|
Is it possible to mix SSO and application username & password accounts?
|
|
1
|
83
|
30 July 2021
|
What authentication mechanisms are available?
|
|
1
|
105
|
30 July 2021
|
Does the solution integrate with Azure Active Directory?
|
|
1
|
83
|
30 July 2021
|
Are accounts deactivated if not used for an amount of time?
|
|
1
|
81
|
30 July 2021
|
When do sessions timeout for authenticated users?
|
|
1
|
83
|
30 July 2021
|
Does the solution support the reuse of the GoogleID/Azure ID via OAuth2/OpenID Connect?
|
|
1
|
124
|
30 July 2021
|
Are users shown that a failed login was a username or password that was incorrect?
|
|
1
|
75
|
30 July 2021
|
What is the password reset process?
|
|
1
|
79
|
30 July 2021
|
Is the password policy configurable?
|
|
1
|
81
|
30 July 2021
|
OWASP suggests methods of storing passwords, do you follow this methodology?
|
|
1
|
90
|
30 July 2021
|
Is there any authentication for API calls? i.e. OAuth2
|
|
1
|
102
|
30 July 2021
|