|
What audit information can be extracted in relation to login attempts?
|
|
1
|
81
|
30 July 2021
|
|
Is there a lockout process for user accounts?
|
|
1
|
63
|
30 July 2021
|
|
Does the solution use Role Based permissions/authorisation?
|
|
1
|
66
|
30 July 2021
|
|
Is the CRUD method for authorisation used (Create, Read, Update, Delete)?
|
|
1
|
80
|
30 July 2021
|
|
Does Alloy support connectors to other identity providers e.g. Facebook, LinkedIn, Yahoo?
|
|
1
|
59
|
30 July 2021
|
|
Are new passwords required to be different from previous?
|
|
1
|
65
|
30 July 2021
|
|
Does Alloy support Authentication through 3rd parties using SAML
|
|
1
|
64
|
30 July 2021
|
|
Is it possible to mix SSO and application username & password accounts?
|
|
1
|
55
|
30 July 2021
|
|
What authentication mechanisms are available?
|
|
1
|
80
|
30 July 2021
|
|
Does the solution integrate with Azure Active Directory?
|
|
1
|
69
|
30 July 2021
|
|
Are accounts deactivated if not used for an amount of time?
|
|
1
|
55
|
30 July 2021
|
|
When do sessions timeout for authenticated users?
|
|
1
|
63
|
30 July 2021
|
|
Does the solution support the reuse of the GoogleID/Azure ID via OAuth2/OpenID Connect?
|
|
1
|
83
|
30 July 2021
|
|
Are users shown that a failed login was a username or password that was incorrect?
|
|
1
|
54
|
30 July 2021
|
|
What is the password reset process?
|
|
1
|
63
|
30 July 2021
|
|
Is the password policy configurable?
|
|
1
|
60
|
30 July 2021
|
|
OWASP suggests methods of storing passwords, do you follow this methodology?
|
|
1
|
65
|
30 July 2021
|
|
Is there any authentication for API calls? i.e. OAuth2
|
|
1
|
77
|
30 July 2021
|