Release Notes

With this feature it is possible to differentiate the login failures in the audit messages, which one is caused by incorrect password and which one is caused by incorrect login.

Before this change, audit messages were only returned for cases when the authentication failed with FAILURE status, which happens when the user provides an incorrect password. The event type is LOGIN_FAILURE in this case.

With the new changes, it is provided audit information for cases when the authentication fails with DNE status by adding a LOGIN_DNE event type. DNE stands for user "does not exist", it always means that the login (email / screenName / userID) is incorrect.

So with the newly added LOGIN_DNE event type we cover authentication DNE scenarios when the login fails due to incorrect login (email / screenName / userID) .

LPS-159334: As a System Administrator, I want to be able to differentiate between unknown login and incorrect password based on LOGIN_DNE and LOGIN_FAILURE audit events
Generally Available (aka OOTB)

When the users are authenticated through SSO and IdP, it is possible to remove the ability of the end users to add or edit their passwords.

As an Instance Administrator, you are able to configure if the users have the option to give their password at registration and you can remove the whole password block from editing user data, if the password is not changeable by the password policy of the user.

LPS-179686: Ability to remove password change options in the portal
Application Security updates
Generally Available (aka OOTB)

With this new feature, Instance Administrator can export audit data filtered by user as well as filtered by site. They can also store site data for audit events.

LPS-177194: Export audit framework data
Application Security updates
Generally Available (aka OOTB)
Product Capabilities
Feature Availability