* Minimal authn level system (choice only)
* (2ndF/OTP mail)
* Combination/Choice for password (using session data)
* Combination: reinitialize password without being authentified
* (Twitter, Facebook,… => no UserDB)
* Menu: how to calculate rights for SAML icons (with internal rules)

3.0:
* tab plugin for menu
* Real federation
* Unify SAML/OIDC presentation in Choice
* Read-only manager
* Register to do
* Brute-force detection ?

* Verify securedCookie=3 (strange)
* Calendar in notifications explorer
* "mail" in UserDB/\*
* verify activeTimer on/off on screen
* Add test for #173