IBM Verify

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

View Only

Back to discussions

Expand all | Collapse all

ISDS SSl vs password

1. ISDS SSl vs password

Like
ADAM SKEGGS
Posted Thu June 08, 2023 10:10 AM

Reply
Hi,

Wondering about the following. Users are authenticated in our application by certificates attached to their LDAP entries. There is also a password associated but this the users never use or are even aware of; they have no means of updating it. Is not a password sitting there a risk of some sort? Should not the password attribute be removed and password access be disabled? Don't know what best practice is or what's possible. Don't see anything specific about coordinating SSL and password access in doco, it just seems to be a case of enable SSL and forget about passwords?

In other words shouldn't it be SSL setup or password setup but not both?

------------------------------
ADAM SKEGGS
------------------------------

IBM Verify

IBM Verify

ISDS SSl vs password

1. ISDS SSl vs password

Additional
Resources

Office

Quick Links

IBM Verify

IBM Verify

ISDS SSl vs password

1. ISDS SSl vs password

Additional Resources

Office

Quick Links

Additional
Resources