245 - Allow AADS to reset user's password on successful login via SSO
under review
Nick Kwiatkowski
When a user has set up the SSO to allow a Workplace or J100 series phone to log in using the corporate IAM rather than a known username and password, there should be an option to allow AADS to scramble or reset the password on each successful login attempt.
Business Case: New requirements of PCI-DSS require passwords to be rotated on a regular basis, including those device-to-machine and user-to-machine passwords that aren't set by a user themselves. By rotating the password on each successful login, the password will remain new. The SSO login portion of AADS allows the user to log in with their known credentials; they are not given or exposed to the actual internal password used by ASM/SMGR/AADS.
This request would enhance security and will allow for compliance while still allowing the enterprise to manage the user's password separately.
Raymond Fortier
We just started looking at deploying some of our J100 OTT, and our head of security engineering noticed that once he logged the phone in to our IAM, he could take the phone and plug it into another network altogether and not be asked to log in to IAM again. We opened a ticket with Avaya, but they had no current option to fix that.
Avaya Responses
Considering for 10.3
Avaya Responses marked this post as under review
Slade Besson
Submitted to Avaya 6/29/23