Security options

Marcel Bachus Member, Data Exchange Posts: 29
edited May 2018 in
Still wondering why a software package like JAMA hasn't solved some/all of the following security issues:
  • When a user is created, he/she will not be asked to change his/her password the first time they log on.
  • There is no limitation on the duration of a password; I would like a mandatory password change every 3 months.
  • Would like to see two-step verification if a login attempt is made from an outside IP address.
Except for the last one, I would believe this kind of software has this embedded.

The lack of this security component will surely be an automotive no-go.
Marcel Bachus

Innolux Technology Europe B.V

Comments

  • Justin Sterkel
    Justin Sterkel Member Posts: 18
    edited May 2018
    I would also expect to see an option to force a password change after a password is reset.
  • Steve Gotsch
    Steve Gotsch Jama Staff, Product Manager Moderator Posts: 22
    edited May 2018
    At Jama we've found that most IT departments have a long list of password requirements and rarely do these overlap completely. In addition, the top priority is often to not have any passwords managed outside of their internal systems, which means an integration with LDAP, Crowd or SSO via SAML. This is our preference as well and we continue to put energy into these integrations. Currently we are investigating an option for on-premises customers to run our SAML service and integrate with their existing Identity Providers instead of LDAP. It has become common for groups to have Okta, Ping, or ADFS, which provide better internal controls and a better SSO experience for the users.

    That being said - if you are using Jama to manage authentication, new users should be prompted on their initial login to set their own password and we have strength options aligned with TRUSTe standards.