Self-Service Portal Login Page Security

I do not need a solution (just sharing information)

Hello,

My organization is looking to enable the end-user VIP Self Service Portal url on our Symantec VIP agents so users can login with their Active Directory credentials and self-register/self-manage their hard and soft tokens.  We’d like the url available from outside our network as business use-case dictates we require it, it will be integrated into our Active Directory where group policy is enforcing password and account lockout requirements.  I have concerns regarding exposing a single-factor login form to the wild where anybody could test our Active Directory userids and passwords, not notably I’m worried about opening a new avenue that allows the ability to harvest credentials.  The documentation provided doesn’t seem to reference enforcement of password/account lockout policies for the login page that would mitigate the risk (i.e. max incorrect password attempts, account locking, etc.).  I’m wondering if AD password/account lockout group policy will apply for this login form when logins are attempted and/or if there are additional security features on the Symantec VIP agent side that would further mitigate risk?  Thanks!

0

Related:

Samsung sm-w720, internal keyboard not working during PGP Bootguard password request.

I need a solution

Hello, I installed Symantec PGP on Samsung Galaxy Book sm-w720 and encrypted the hard drive so that when enabled, I would be asked for the boot password. Everything is fine, but during the inclusion and request a password, I can not enter it, the internal keyboard does not work. If you press the keys, it just lights up, but the characters do not appear. I can only enter the password using an external USB keyboard.

Is there any virtual keyboard possibility while Bootguard pass request, or other solution?

0

Related:

Allow Endpoint Protection SBE Cloud portal to change User passwords

I need a solution

We had a key users passwords compromised, and needed to rapidly change user passwords across the organisation. We were able to do this for all other software, but for SEP SBE we had to log into each users account separately, and change their passwords. There was no ability to rapidly force new passwords for all affected user accounts.

Is it possible to add a feature to change or reset user account passwords from within the Endpoint Protection SBE Cloud interface.

0

Related:

  • No Related Posts