Glenn Elliott
suggested this on May 03, 2010 06:30 am
We are evaluating OneLogin and another provider and whilst OneLogin is better in a number of ways, the other provider has some important additional functionality around IP address lockdown.
It would be a significant step to better security for us if we could set up a list of allowed IP addresses (a whitelist) and could restrict certain users or roles or groups (needs some thought as to which is best for everyone - groups would probably be best for us) to be only eligible to log in from those IP addresses, even if they have the correct OneLogin account details.
This is because we have 62 staff, but a group of 30 of them never need to log in from outside of our office. So we could improve security by only enabling "roaming login" to those who need it, rather than at the moment where everyone can log in from everywhere. We would use this in connection with OTP where roaming users would use an OTP device, and non-roaming users would just use a password.
Also, the maximum password length and complexity restrictions available in OneLogin are currently less than our current standards. We currently require a minimum 16-character password with Upper, Lower, Numeric and Special characters. The maximum I can do in OneLogin is 10 character length and "letters and digits" - this wouldn't be enough for us.
Thanks,
G
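The policy requested above, sketched as an added example (it is not part of the original post and is not OneLogin's implementation): non-roaming users may log in only from allowlisted office addresses, roaming users must present an OTP, and passwords must meet the 16-character four-class standard. The group names and the office network range are constructed assumptions.

```python
import ipaddress
import string

# Constructed values: RFC 5737 documentation range and hypothetical group names.
OFFICE_NETWORKS = [ipaddress.ip_network("203.0.113.0/24")]
ROAMING_GROUP = "roaming"

def password_meets_policy(pw, min_len=16):
    """Minimum length plus upper, lower, numeric and special characters."""
    classes = (string.ascii_uppercase, string.ascii_lowercase,
               string.digits, string.punctuation)
    return len(pw) >= min_len and all(any(c in cls for c in pw) for cls in classes)

def from_office(source_ip):
    """True if source_ip is inside an allowed office network.

    source_ip must come from the TCP connection or a trusted proxy, never
    from a client-supplied header, or the allowlist can be bypassed.
    """
    try:
        addr = ipaddress.ip_address(source_ip)
    except ValueError:
        return False  # unparseable input is treated as off-list
    # Dual-stack listeners report IPv4 clients as ::ffff:a.b.c.d
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr in net for net in OFFICE_NETWORKS)

def login_decision(groups, source_ip, password_ok, otp_ok):
    """Return 'allow' or 'deny:<reason>' for one login attempt."""
    if not password_ok:
        return "deny:credentials"
    if ROAMING_GROUP in groups:
        # Roaming users may log in from anywhere but must present an OTP.
        return "allow" if otp_ok else "deny:otp-required"
    # Everyone else: password only, and only from the office allowlist.
    return "allow" if from_office(source_ip) else "deny:ip-not-allowed"
```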
Comments
Excellent feedback - we appreciate it.
These suggestions won't be that complicated to implement, and we'll add more features like this, when there is a demand. We'll go over your suggestions later today, and draw up a solution.
Stay tuned.
These features (and other interesting stuff) will be available in production by Monday. Details to follow.
These requests are now implemented and available. Click here for information on how to use the policy feature.