Skip to Main Content
IBM Data and AI Ideas Portal for Customers


This portal is to open public enhancement requests against products and services offered by the IBM Data & AI organization. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:


Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,


Post your ideas

Post ideas and requests to enhance a product or service. Take a look at ideas others have posted and upvote them if they matter to you,

  1. Post an idea

  2. Upvote ideas that matter most to you

  3. Get feedback from the IBM team to refine your idea


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

IBM Employees should enter Ideas at https://ideas.ibm.com


Status Not under consideration
Workspace Spectrum LSF
Components Reporting/Explorer
Created by Guest
Created on Jan 20, 2022

Adjust login messages in LSF Explorer for better troubleshooting

We are facing a strange behaviour with the messages for a failed login at LSF Explorer Server.

There are three scenarios:

  • The user is not able to the system on the server where LSF Explorer is installed - hence the user is not able to login to LSF Explorer

  • The user does not have the permission to login to LSF Explorer (wrong/no role or permission in RBAC configuration)

  • The user just had a typo in username and/or password.

Today for the first two scenarios there is the following error message when trying to login:

"The specified user name, password, or combination is incorrect. Verify your input."

Actually this message is at least misleading when troubleshooting if not even technically wrong - as the user name / password might even be correct and the login will fail due to the first two scenarios. We could literally have saved hours of troubleshooting time (together with IBM) if the message would not have been this misleading.


For the third scenario, the message currently is:

"Cannot login with given user name and password."

This is technically correct, but even the error message for the other two scenarios describes the actual situation better.


So two different proposals:

  1. The very basic one: Just exchange the messages for scenarios 1&2 and 3 so it is not that misleading anymore.

  2. The more detailed one which is creating most clarity:

    1. For scenario 1 change the login message to something like "It is not possible for the user to login to this system"

    2. For scenario 2 change the login message to something like "The user has not the permissions required to login to LSF Explorer"

    3. For scenario 3 change the login message to something like the already existing "The specified user name, password, or combination is incorrect. Verify your input."


Thanks for supporting/considering this RFE as it will make operating/troubleshooting LSF Explorer much more handy for users and administrators in the long term use.

Needed By Month
  • Admin
    Bill McMillan
    Reply
    |
    Feb 26, 2024

    While we agree the messages are a little confusing, the feedback from our security focal's is that current best practice is not to make hackers life easier by differentiating between these cases - they shouldn't be able to tell between a bad username/password and it not existing.


    As such, we do not plan to change this at this time.