jeremyowens

We'd like to have members of our Helpdesk be able to perform administrative functions in the PasswordReset Portal, specifically the User Management section. But we do not want to give them full Administrative access to the main PasswordState instance. Is this possible to implement?

+1 The ability to change the text on the RADIUS screen to something else, such as TOKEN, would be nice. The option for the main portal login screens is available at: Administration -> PasswordState Administration -> System Settings -> Authentication Options -> RADIUS Authentication Options (section) You can do this for the main PasswordState portal login screens, but not for the PasswordReset portal. Can we get similar functionality for the PasswordReset portal?

+1

This is a request to allow a notification to be sent to the Security Administrators when an IP address is locked out due to too many attempts, triggering the brute-force lockout.

I’m requesting that the Password Reset Portal generate an email to the end-user whose password was reset using the portal. This request is for a feature that is similar to several web services, such as Google and banking sites, which generate an email to the end-user stating that their password was changed (using the password reset portal), and that if they didn’t change their password, to please contact their support department/Helpdesk/etc. In places where account security is a high-concern, this would be extremely helpful for our end-users to become an additional part of our overall security focus, where another person, hacker, or bot attempted to use the portal to reset their password in order to gain (elevated) access to systems.