|
What authentication mechanisms are available?
|
|
1
|
136
|
30 July 2021
|
|
What audit information can be extracted in relation to login attempts?
|
|
1
|
137
|
30 July 2021
|
|
Is there a lockout process for user accounts?
|
|
1
|
146
|
30 July 2021
|
|
Does the solution use Role Based permissions/authorisation?
|
|
1
|
157
|
30 July 2021
|
|
Is the CRUD method for authorisation used (Create, Read, Update, Delete)?
|
|
1
|
185
|
30 July 2021
|
|
Does Alloy support connectors to other identity providers e.g. Facebook, LinkedIn, Yahoo?
|
|
1
|
112
|
30 July 2021
|
|
Are new passwords required to be different from previous?
|
|
1
|
141
|
30 July 2021
|
|
Does Alloy support Authentication through 3rd parties using SAML
|
|
1
|
107
|
30 July 2021
|
|
Is it possible to mix SSO and application username & password accounts?
|
|
1
|
140
|
30 July 2021
|
|
Does the solution integrate with Azure Active Directory?
|
|
1
|
111
|
30 July 2021
|
|
Are accounts deactivated if not used for an amount of time?
|
|
1
|
122
|
30 July 2021
|
|
When do sessions timeout for authenticated users?
|
|
1
|
136
|
30 July 2021
|
|
Does the solution support the reuse of the GoogleID/Azure ID via OAuth2/OpenID Connect?
|
|
1
|
169
|
30 July 2021
|
|
Are users shown that a failed login was a username or password that was incorrect?
|
|
1
|
121
|
30 July 2021
|
|
What is the password reset process?
|
|
1
|
129
|
30 July 2021
|
|
Is the password policy configurable?
|
|
1
|
144
|
30 July 2021
|
|
OWASP suggests methods of storing passwords, do you follow this methodology?
|
|
1
|
145
|
30 July 2021
|
|
Is there any authentication for API calls? i.e. OAuth2
|
|
1
|
148
|
30 July 2021
|