Features

Passwordstate 5.6 Build 5650 (16th May 2013)

New Features

• Added a new feature called Bulk Password Import, which allows you to import multiple passwords into multiple Password Lists at a time (Ref 56.45)

• Horizontal scrollbars weren't showing on multiple pages (Ref 56.46)
• Made some improvements to protecting against any Cross Site Scripting vulnerabilities (Ref 56.47)
• Importing passwords now validates the ExpiryDate field for correct date formats (Ref 56.48)
• When importing passwords, a visual indicator will now show on the screen so you know there is some activity occurring (Ref 54.49(

• Some passwords were showing an incorrect value when 'unmasking' and using IE 10 in compatibility view mode (Ref 56.50)

Passwordstate 5.6 Build 5644 (1st May 2013)

Updated Features

• If you have renamed the Passwordstate database, upgrades will now work without updating SQL scripts (Ref 56.39)
• Provided a debug screen for troubleshooting enumerating members of Active Directory security groups (Ref 56.40)
• Provided customised page with documentation to assist with database connectivity issues i.e. after moving your install to a new database server (Ref 56.41)

• Fixed a bug which was causing upgrades to restart, resulting in schema failures as fields already existed in the database (Ref 56.42)
• Pending access requests were being sent to Security Administrators even though the Password List had one or more Administrators (Ref 56.43)
• Under certain circumstances, it may not have been possible to delete a user's account or a Password List (Ref 56.44)

Passwordstate 5.6 Build 5638 (9th April 2013)

Updated Features

• Provided ability to clone a Password Folder structure, with all Password Lists and/or permissions (Ref 56.36)
• Updated to the latest version of Telerik's ASP.NET AJAX components (Ref 56.37)

• The TreePath value for nested Password Lists was not being updated when a Folder was deleted (Ref 56.38)

Passwordstate 5.6 Build 5635 (21st March 2013)

Updated Features

• Added TreePath column to the 'Request Access to Passwords' screens (Ref 56.27)
• Update the IP Address reported to Syslog servers, inline with RFC 5424 (Ref 56.28)
• Made some further improvements to secure access to various pages (Ref 56.29)
• Updated the latest version of ASP.NET Ajax controls (Ref 56.30)

• Intermittently the error 'Conversion from string "******" to type 'Integer' is not valid' may have occurred when quickly clicking between unmasking passwords, and copying them to the clipboard (Ref 56.31)
• Fixed an intermittent issue where the Emergency Access login would immediately log out after authenticating (Ref 56.32)
• Fixed an issue where Auditing data would on occasion return a NULL error when SQL Server was installed with a different language other than English (United States) (Ref 56.33)
• The Recycle Bin page could not be displayed if the user has chosen to display 'All Records' in the grid controls (Ref 56.34)
• An error occurs when a Security Administrator with only the 'Security Groups' role tries to manually synchronize a security group, which also needs to add a new user account at the same time (Ref 56.35)

Passwordstate 5.6 Build 5626 (1st March 2013)

Updated Features

• Made further improvements to prevent access to pages outside of the normal navigation within Passwordstate (Ref 56.24)

• Introduced a bug in Build 5623 which prevented closing some popup windows when using Internet Explorer (Ref 56.25)
• Deleting a Password List Template was preventing adding new Password Lists if the user had the deleted Template selected in their 'Preferences' area (Ref 56.26)

Passwordstate 5.6 Build 5623 (26th February 2013)

Updated Features

• Added a feature where you can bulk move multiple passwords between Password Lists (Ref 56.18)
• User's with the Security Admin role of 'Password Lists' can now drag and drop Password Lists/Folders in the navigation tree, regardless of any settings restricting this activity (Ref 56.19)
• Improved performance of dragging and dropping nodes in the Password List tree when multiple permissions were applied to Password Lists (Ref 56.20)
• We now prevent Internet Explorer from using a BASEURL value in bookmarks to return to any nested pages contained within iframes (Ref 56.21)

• When User Accounts were added automatically via an AD Security Group synchronization, the PasswordVisibility field was not assigned a value when it should have been (Ref 56.22)
• Fixed an issue where the Tree Path of Password Lists were not being updated when Folders or Password Lists where being renamed (Ref 56.23)

Passwordstate 5.6 Build 5617 (12th February 2013)

Updated Features

• Added option to send emails via TLS (Transport Layer Security) (Ref 56.07)
• Added an option to display URLs in the Password Grid as either an Icon hyperlink, or text based hyperlink (Ref 56.08)
• Added new Email Template to notify administrators when access has been removed via the One-Time Access feature (Ref 56.09)
• When automatically granting Security Administrators permissions to newly created Password Lists, it will now apply permissions based on security groups as well as user accounts (Ref 56.10)
• Made some improvements to ensure manually typed, or bookmarked URLs, are not used (Ref 56.11)
• Tree Path URL was showing an additional \ in emails if the Password List was in the root of the Navigation Tree (Ref 56.12)

• Handshake Approval for permissions was not displaying the countdown timer correctly (Ref 56.13)
• Expiring a user's account on the screen Administration -> User Accounts was not working as expected (Ref 56.14)
• Under certain circumstances, the error 'Command parameter[1] for cs_lib.CheckPendingAccessRequest()' may appear when first browsing to the site (Ref 56.15)
• Clicking on the Cancel button on the Provide Access Reason screen was not responsive if navigating from Auditing screens (Ref 56.16)
• Password History screen was opening instead of Password screen, when the user had view permissions & needed to specify a reason for the access (Ref 56.17)

Passwordstate 5.6 Build 5606 (20th December 2012)

Updated Features

• Added visual reminder at the top of the screen for any Pending Access Requests which haven't been processed yet (Ref 56.04)
• Added 'Active Users' page so Security Administrators can easily see the active sessions in Passwordstate (Ref 56.05)

• Fixed an issue where some customers where experiencing issues performing upgrades when using SQL Server Express (Ref 56.06)

Passwordstate 5.6 Build 5603 (12th December 2012)

Updated Features

• Updated the Email Notification Groups screen so you can easily so which users or security groups have permissions (Ref 55.96)
• Updated to the latest version of ASP.NET Ajax Controls (Ref 55.97)
• Reverted back to previous Edit/View/Add password screens where password field can be masked. A new audit record is now added when opening these pages to indicate it is possible for users to view the password value on these screens (Ref 55.98)
• Now added the option so you can specify who can have access to various Navigation Tabs on the main Password Navigation Panel (Ref 55.99)
• Made some improvements to sizing of the view/edit password screen for the Chrome browser (Ref 56.00)
• Some minor Internet Explorer UI improvements when in Compitiblity View Mode (Ref 56.01)

• Some customers where experiencing queued emails, caused by the Passwordstate Windows Service not being able to determine the IP Address of the web server (Ref 56.02)
• Received the error 'cs_lib.SendEmailNotificationsForNewSecurityGroupAccess' when trying to perform a manual AD synchronization (Ref 56.03)

Passwordstate 5.5 Build 5595 (28th November 2012)

Updated Features

• Made some improvements to the error reporting from the Passwordstate Windows Service, and reduced the time it takes to start processing after server reboot (Ref 55.82)
• Add, Edit & View password pages now show the passwords as you are typing, and have removed Confirm Password field. Full auditing is enabled for view access as well (Ref 55.83)
• Added a new report called 'Password List and Folder Permissions' for specific user accounts - found under the Administration -> User Accounts screen (Ref 55.84)
• Improved error capturing if the session on the web server ended (Ref 55.85)
• Updated 'New User Account' email template to inform the user which account to use to authenticate against Passwordstate (Ref 55.86)
• If the user must 'provide a reason' to access a password record, then they must also do the same now to view the history of a password record (Ref 55.87)
• Disabled user accounts no longer show when applying new permissions to Passwords or Password Lists (Ref 55.88)
• Have now obfuscated password values when 'Viewing Source' for pages which display the password grids (Ref 55.89)
• Now showing URL links in grids as an icon to save on screen real estate (Ref 55.90)
• Made all email notifications now available in the 'Email Notification Groups' section - 8 email types where previously excluded (Ref 55.91)

• When a Security Administrator 'edits' a users account details, it was possible their security admin roles would change if the user they were editing was also a Security Administrator (Ref 55.92)
• Daily Audit Report was being sent to more users than it should have been - should only be sent to Security Admins and Password List Admins (Ref 55.93)
• Disabled notifications in the 'Email Notification Groups' area was still sending emails under certain circumstances (Ref 55.94)
• Received error about 'Column Tree Path does not belong to table' when trying to export all passwords from the Administration area (Ref 55.95)

Passwordstate 5.5 Build 5581 (10th November 2012)

Updated Features

• Updated a Password Lists 'Tree Path' value so it doesn't include the Password List's name (Ref 55.71)
• Added additional information to the Tooltip for each of the Password Lists in the navigation tree (Ref 55.72)
• On the standard Passwords page, added an indicator which shows the user what permissions they have to the Password List (Ref 55.73)
• The toggle password visibility icon on the 'View Password' screen was wrapped to the next line when using Chrome (Ref 55.74)
• Updated the Queued Email screen to provide a little more information, plus the ability to refresh the grid (Ref 55.75)
• Added a new audit event for tracking of emails being sent (Ref 55.76)

• Fixed an issue where the "Save & Add Another' button for new Password Lists was not nesting the Password List correctly in the navigation tree (Ref 55.77)
• If the 'Password Generator' generated a password with html equivalent tags, it may have caused a javascript error on some pages preventing clicking on other controls (Ref 55.78)
• Setting the disable dragging-n-dropping of a Password List for non Admin users in the navigation tree was not working (Ref 55.79)
• If the option to clear the UserID field for manual AD login screens was selected, it was not being honored for 'Additional Authentication' options Navigation Tabs and Password Lists (Ref 55.80)
• Copying the Username field to clipboard feature was not working if 'Provide a Reason for Access' was selected (Ref 55.81)

Passwordstate 5.5 Build 5570 (4th November 2012)

Updated Features

• Improved performance of Passwordstate by storing the Password List Tree Path in the database, instead of querying the the tree structure every time the data was required (Ref 55.66)
• Added 'Save & Add Another' buttons to add Password List, Users and Security Groups screens (Ref 55.67)
• Added additional checks during initial database creation to ensure correct SQL Instance name and accounts have been specified (Ref 55.68)

• Could not delete a security group if permissions were applied to several features in Passwordstate (Ref 55.69)
• A javascript error was preventing clicking of the Cancel button for 'Provide Reason for Access' screens when navigating from Auditing screens (Ref 55.70)

Passwordstate 5.5 Build 5565 (1st November 2012)

Updated Features

• Redesigned the Provide Access Reason screen so it is a little more intuitive (Ref 55.57)
• Updated installer so Passwordstate can be installed on Windows Server 2012 (Ref 55.58)
• Added ability to purge audit records based on a set time period, instead of just purging all records (Ref 55.59)
• Updated the System Setting for who can view Auditing data to apply to both the Auditing tab, as well as the Recent Activity Grid on each of the Password screens (Ref 55.60)
• When a user has View access to a Password and clicks on a link to open the record, they will now be shown a new 'View' screen - instead of the previous 'Edit' screen with certain controls disabled (Ref 55.61)

• When clicking on the 'Save & Sync' button for Active Directory password accounts, a Javascript was preventing the change from being saved (Ref 55.62)
• The 'Filter Recent Activity on this Record' Action for password records was still enabled even if the 'Recent Activity' grid was hidden on the screen (Ref 55.63)
• A bug in the ASP.NET Ajax Controls we're using caused several drop-down combobox items to not be grayed out when they were disabled (Ref 55.64)
• It was possible to add/edit documents for Password Lists when the user had View access (Ref 55.65)

Passwordstate 5.5 Build 5556 (25th October 2012)

Updated Features

• Removed duplicate scrollbars from appearing on Password pages when using small resolution screens (Ref 55.48)
• Added Password List tree structure 'path' columns to the 'Password Lists' and Password Folders' screens in the Administration area (Ref 55.49)
• Added Password List tree structure 'path' to Add/Edit Password pages, various reporting, multiple control's Tooltips & Email Notifications (Ref 55.50)
• Updated to the latest version of Ajax ASP.NET controls for further IE10 support (Ref 55.51)

• Username 'Copy to Clipboard' icon was spilling over to adjacent columns when using small screen resolutions (Ref 55.52)
• Under certain conditions, clicking on 'Save & Add Another' for the Add Password screen, was not clearing the previous password value (Ref 55.53)
• Occasionally a NullReferenceException error was reported for the 'defaultshell' page (Ref 55.54)
• When copying permissions during the creation of a new Password List, the permissions were not being propagated to Folders higher in the hierarchy (Ref 55.55)
• Export All Passwords report was not showing Password List name for lists which had no permissions or passwords (Ref 55.56)

Passwordstate 5.5 Build 5547 (11th October 2012)

Updated Features

• All controls/buttons are now visible and disabled on Password screens, instead of being hidden from users who do not have the permissions to access them (Ref 55.33)
• Updated Edit Password List screen so you could copy permissions and settings from other Password Lists or Templates (Ref 55.34)
• Spaced out some of the icons on the add/edit Password pages (Ref 55.35)
• Updated all Auditing and Password History reports/screens to show 'Seconds' values for date/time fields (Ref 55.36)
• When creating new Password Lists or Folders, it will now appear beneath the selected Password List/Folder in the navigation tree (Ref 55.37)
• An option has now been added which allows selected users to view all Shared Password Lists in the navigation tree if needed, not just the ones they have access to (Ref 55.38)
• You can now view all pending 'Access Requests' instead of just one at a time (Ref 55.39)
• You can now hide the fields, Username, Description and Notes from users when they are searching to request access to Passwords (Ref 55.40)
• Added option to allow non Administrators of Password Lists to view who has permissions to the List (Ref 55.41)

• The option to hide the 'Recent Activity Grid' when users have View access was not working (Ref 55.42)
• HTML formatting in the Delta Permissions Report was not rendering correctly for multiple email clients (Ref 55.43)
• You were able to select ScramblePad Authentication for 'Tabs Security' even though you hadn't specified a ScramblePad Pin Number yet (Ref 55.44)
• It was possible the wrong Password List title was being added to auditing data when approving/denying access to a user's Access Request (Ref 55.45)
• It was possible to search and request access to individual passwords, even though the setting for this feature was disabled (Ref 55.46)
• Password Strength images where showing on add/edit password screens even if the field was not selected (Ref 55.47)

Passwordstate 5.5 Build 5532 (29th September 2012)

Updated Features

• Redesigned the Add New Password List screen so it was more obvious you could copy settings and permissions from other Lists or Templates (Ref 55.11)
• Made further improvements to securing pages which required a separate password to login, by preventing blank passwords from being allowed (Ref 55.12)
• URL field is now included when searching for Passwords (Ref 55.13)
• Email notifications are no longer sent to disabled users accounts (Ref 55.14)
• Added option to allow permissions to be applied more than once for users/security groups to the same Password List (Ref 55.15)
• Added date support for all cultures listed in the .NET Framework (Ref 55.16)
• An option has been provided to allow users to copy/move/link passwords to Password Lists they don't have access to (Ref 55.17)
• An option has been provided to allow users to copy/move/link passwords to Password Lists they only have View access to (Ref 55.18)
• For the AD Integrated version of Passwordstate, we now check if the web server is joined to the domain upon initial setup (Ref 55.19)
• Added email notification for denied access requests to Passwords or Password Lists (Ref 55.20)
• Added progress indicator to Save buttons when importing users/groups from Active Directory (Ref 55.21)
• Permalinks are now automatically inserted into email notifications (Ref 55.22)
• Updated the the latest version of ASP.NET Ajax Controls - for IE10 support (Ref 55.23)

• When adding/editing passwords, using certain special characters was causing javascript errors preventing saving or cancelling the operation (Ref 55.241)
• Fixed an issue where 'Use Manually AD Authentication only after logout' option was not working under certain conditions (Ref 55.25)
• Fixed a bug of 'Object reference not set to an instance of an object - cs_lib.SecurityGroupUAPs' under certain conditions where Additional Authentication Options were set (Ref 55.26)
• When you have chosen to create new Password Lists based on an existing Template (a setting under the Preferences area) the permissions for the Template were not being applied (Ref 55.27)
• Having an unmasked password highlighted on the screen whilst the password was being hidden, caused a Null exception error (Ref 55.28)
• Some special characters in the password field was causing issues with authenticating using the Manual AD Authentication option (Ref 55.29)
• Bookmarking manual login screens was causing issues with authenticating - no response when clicking on Login button (Ref 55.30)
• The ScramblePad 'Generate initial pin number' link was showing on the login screen if this option was set to Mandatory for all users - showed even if the user already had a pin number (Ref 55.31)
• Renaming the 'Default Policy' for Password Strength Policies caused the page not to render (errored) when adding a new Password List (Ref 55.32)

Passwordstate 5.5 Build 5510 (27th August 2012)

Bug Fixes

• It was possible to choose to generate a new password even though the One-Time Access wasn't selected (Ref 55.09)
• In Build 5508 we broke the ability to import single AD accounts (Ref 55.10)

Passwordstate 5.5 Build 5508 (23rd August 2012)

Updated Features

• You can now easily filter the Recent Activity grid for individual password records (Ref 55.01)
• Added 'Historical Password Activity' report to the User Account screen so you can easily report on all passwords related activities for a user (Ref 55.02)
• Added the option to Expire Password Now from the Password Grid's 'Actions' dropdown menu (Ref 55.03)
• When viewing History records, we've now appended the UserID value to the user's name (Ref 55.04)

• Administer Bulk Permissions feature was not working for non Security Administrator roles (Ref 55.05)
• When importing AD user accounts from a Security Group, the domain suffix was being duplicated (Ref 55.06)
• When deleting a user's account, some user related data was not being cleaned up (Ref 55.07)
• Audit record was not being added when viewing a password record in the History screens (Ref 55.08)

Passwordstate 5.5 Build 5500 (20th August 2012)

New Features

• Added Authorized Web Server functionality whereby you must now specify which web server names are hosting the Passwordstate web site. This mitigates against database theft, and hosting in an untrusted environment (Ref 54.71)
• A new Delta Permissions Email Notification report which alerts Password List Administrators of prior and post permission changes to Password Lists (Ref 54.72)
• You can now choose to send all Auditing data to a syslog server (Ref 54.73)
• Enumerated Password Permissions Report which shows access for all users accounts, even if permissions were applied via security group membership (Ref 54.74)
• User must provide reason for accessing password value - either copy to clipboard, or view on screen (Ref 54.75)
• One-Time Access is now possible for password records - as soon as a password is viewed or copied, the user's access is removed (Ref 54.76)

• Improved strength of encryption across multiple fields (Ref 54.77)
• When viewing the screen Administration -> User Accounts, you can easily see which Security Groups the user is a member of by expanding the appropriate grid row (Ref 54.78)
• Made some further improvements to popup window resizing (Ref 54.79)
• Further improved the strength of code obfuscation (Ref 54.80)
• Modified Tooltips for password record Notes so tooltip stays displayed until the mouse moves off - allows copy & pasting (Ref 54.81)
• Password List Template permissions can now be applied to newly created Password Lists (Ref 54.82)
• Each grid row which shows Security Groups for permissions can now be expanded to show members of the Security Group (Ref 54.83)
• Add Time-Based Access feature to Password Folders when managing permissions manually (Ref 54.84)
• Improved performance of SQL queries for Statistics charts on default Home Page and Password Folder pages (Ref 54.85)

• When editing User's accounts, the setting 'Email User Expiring Passwords Report' was not being saved (Ref 54.86)
• When adding/editing a password, the password strength image was being reset to orginal value if the Account Type image was changed (Ref 54.87)
• Changing an Account Type image back to blank, prevents you from saving the password record. (Ref 54.88)
• Under some circumstances, a DBNull error may be experienced if Passwordstate is trying to send email to an account which does not have an email address associated with it (Ref 54.89)
• Access Request emails were being sent when the Email Template was disabled (Ref 54.90)
• Page would not render when clicking on the 'Password Strength Policy' icon at the top-right of the Password grid. (Ref 54.91)
• When editing a Password record, the clickable area for the Copy to Clipboard and Toggle Visibility icons is off centre (Ref 54.92)
• Active Directory security groups with members from multiple domains was not synchronizing properly (Ref 54.93)
• Two Password List Templates settings where not being applied to newly created Password Lists (Ref 54.94)
• Update Access Notes popup window was not closing after clicking on the Save button (Ref 54.95)
• When the display 'Filters' option is selected for columns in the Passwords grid, the scissors image in the Search texbox was displaying (Ref 54.96)
• The filter icon for Date columns was wrapping to the next line (Ref 54.97)
• Manual AD login screen was not reporting a status message if Domain prefix was omitted from login details (Ref 54.98)
• Deleting a Password Generator which is assigned to Password Lists was causing a database Integrity error being reported (Ref 54.99)
• Deleting a Password Strength Policy which is assigned to Password Lists was causing a database Integrity error being reported (Ref 55.00)

Passwordstate 5.4 Build 5470 (1st July 2012)

Updated Features

• Multiple logout screens have now been consolidated to one screen - better support for Microsoft TMG (Ref 54.66)
• Disabled Active Directory user accounts will be disabled immediately now when importing AD accounts or Security Groups (Ref 54.67)

• Fixed error of DBNull conversion error for the Username field when upgrading from older versions of Passwordstate (Ref 54.68)
• Under some circumstances, Active Directory user account status was not being synchronized correctly with Passwordstate (Ref 54.69)
• Some customers were reporting corrupted badpasswords.png and javascript files causing issues with copy to clipboard functionality (Ref 54.70)

Passwordstate 5.4 Build 5465 (24th June 2012)

Updated Features

• All Email Templates can now be disabled if required (Ref 54.63)

• Add New Password screen was on occasion showing white background and no fields for Internet Explorer (Ref 54.64)
• Some Popup Help Screens were not resizing correctly or showing scrollbars when needed (Ref 54.65)

Passwordstate 5.4 Build 5462 (21st June 2012)

New Features

• You can now also copy or email other users Permalinks for entire Password Lists (Ref 54.59)

• Made improvements to debugging information when errors are captured and displayed on the screen (Ref 54.60)

• Fixed a few spelling mistakes (Ref 54.61)
• Fixed an issue on Windows Server 2003 where the error 'cs_lib.SynchronizeFolderAccess' was received either during an upgrade, or when applying permissions to Password Lists (Ref 54.62)

Passwordstate 5.4 Build 5458 (17th June 2012)

New Features

• Provided option for managing permissions on Password Folders manually (Ref 54.27)
• Alerting for excessive access attempts to passwords (Ref 54.) (Ref 54.28)

• Provide feature to disable Drag & Drop at the Password List & Folder Level (Ref 54.29)
• Audit records now have 'View Password' and 'View History' links for relevant password records (Ref 54.30)
• Add additional fields to auditing records for password related events - helps if there are similar Title fields for multiple passwords (Ref 54.31)
• Provide option for the Manual AD Authentication screen to not auto-populate with the detected logged in user (Ref 54.32)
• Importing passwords will now continue to import all valid passwords, and skip invalid ones (Ref 54.33)
• Made some screen layout adjustments to the Add & Edit password pages (Ref 54.34)
• Password fields are now highlighted when they receive focus, making data entry a little easier (Ref 54.35)
• Add date field to QueuedEmail table so Security Administrators are aware of what time emails where added to the queuing system (Ref 54.36)
• Made some further improvements for date handling when querying auditing records (Ref 54.37)
• When specifying a reason for providing access to passwords, the reason is now added to the Auditing log details (Ref 54.38)
• When adding new permissions to passwords, the 'Access Notes' field has now been moved to the main permissions screen, instead of a separate tab (Ref 54.39)
• Allow login in as a different user from the Failed Login Attempt page (Ref 54.40)
• Add ability to search for passwords when a user is requesting access (Ref 54.41)
• Add option to hide Notes field when users are requesting access to passwords (Ref 54.42)
• Add option to prevent saving password if 'Bad' password detected (Ref 54.43)
• Apply Permissions to Folders the same as Password Lists (Ref 54.44)
• Added web site URL link to Daily Audit Report (Ref 54.45)
• Added support for SQL Server 2012 during the initial setup wizard (Ref 54.46)
• All popup screens will now automatically resize for small screen resolutions (Ref 54.47)
• Updated to the latest version of ASP.NET Ajax Controls (Ref 54.48)

• When using HTTPS, was receiving a message for popup screens about content not being delivered using a secure HTTPS connection (Ref 54.49)
• Pasting in Microsoft Word content into the Passwords Note field can causing issues with HTML displaying correctly on the screen (Ref 54.50)
• If selecting a Password Folder as the default Home Page, it was not navigating to the correct page when Passwordstate first opens (Ref 54.51)
• Tooltips for some Grid Headers was displaying twice (Ref 54.52)
• Passwordstate Service sending emails even though the template was disabled system wide (Ref 54.53)
• Opening documents in Firefox which had spaces in the filename was causing the filename to be truncated (Ref 54.54)
• Can add duplicate user accounts to a Local Secutity Group (Ref 54.55)
• "Expected hexadecimal digit" javascript error in Internet Explorer for the page navshell.aspx if the user's UserID starts with a U - \u is reserved in JScript (Ref 54.56)
• When requesting access to Password Lists, a Password List was shown mulitple times if the user had access applied to their own user account and a security group they belonged to (Ref 54.57)
• Daily Audit Reports were being sent twice to Security Administrators of Passwordstate (Ref 54.58)

Passwordstate 5.4 Build 5426 (16th May 2012)

Updated Features

• Reworded references for 'Secondary Authentication' options so feature is a little clearer (Ref 54.22)
• Passwordstate now redirects to the AD Login page if the users account doesn't exist in Passwordstate, and the option for Manual AD authentication is set (Ref 54.23)
• Updated to latest version of ASP.NET Ajax Controls (Ref 54.24)

• Re-engineer Audit Log Tampering to overcome issues of AuditID values not being sequential, and AuditDate mismatches (Ref 54.25)
• Active Directory 'Save & Sync' animation was shown even if the form elements on the Edit Password page where not validated (Ref 54.26)

Passwordstate 5.4 Build 5421 (6th May 2012)

Updated Features

• Added additional Code Pages for exporting data to csv (Ref 54.17)
• Added further logging to file '/setup/logs/upgradelog.txt' during upgrade routines (Ref 54.18)

• Double quotes in certain fields was causing issues with exporting Password Lists (Ref 54.19)
• On occasion Audit Log Tamper records where indicating modified records either 1 second out, or no time differences due to millisecond rounding (Ref 54.20)
• Wrong Active Directory UserID was being imported if a Security Group had two accounts with identical Usernames (Ref 54.21)

Passwordstate 5.4 Build 5416 (30th April 2012)

New Features

• Email Notification Groups can be used to administer real-time email notifications for multiple Users or Security Groups (54.11)

• Running reports now displays a popup indicator showing the report is running (Ref 54.12)
• A Password Synchronization Report can now be run for Password Lists enabled for Active Directory or Windows Server password synchronization (Ref 54.13)

• View Security Group Membership page had label for Security Group type undefined for various screens (54.14)
• Queued Email link was showing to all users after Ajax page postback (54.15)
• When editing a Password record, the 'Account Synchronization Enabled ' message was displayed even through the Account Type of 'Windows' was not selected (Ref 54.16)

Passwordstate 5.4 Build 5410 (24th April 2012)

Updated Features

• Provided an option where access from the Internet will provide users with the manual Active Directory login page. This would generally be setup with a second site in IIS (Ref 54.03)

• Tampered Audit records was still sending email alerts even after all records where set to be ignored (Ref 54.04)
• When using the Manual AD login page, you couldn't log in as a different domain account compared to what you were already logged onto on your PC (Ref 54.05)
• Tampered Audit Records page could not scroll when mulitple records are displayed on the screen (Ref 54.06)
• Generate Initial Pin Number link/button kept appearing even after generating a pin (for ScramblePad Authentication) (Ref 54.07)
• Certain controls on the Password List page were not functioning when Password List title had a single quote in it (Ref 54.08)
• Under certain circumstances, using the Less Than Symbol (<) prevented saving of password records (Ref 54.09)
• Fixed a couple of spelling mistakes on System Settings and Setup Complete pages (Ref 54.10)

Passwordstate 5.4 Build 5402 (12th April 2012)

Bug Fixes

• Fixed an issue whereby the default CodePage was not specified, causing issues when trying to generate a CSV template file (Ref 54.02)

Passwordstate 5.4 Build 5401 (10th April 2012)

Updated Features

• Added an option to make the system wide Secondary Authentication options mandatory for all users (Ref 54.01)

Passwordstate 5.4 Build 5400 (6th April 2012)

New Features

• Passwords in Passwordstate can now be synchronized with Active Directory, or Windows Servers (Ref 53.01)
• Specify the preferred or mandatory Password Strength Compliance for Password Lists (Ref 53.02)
• Clicking on a Password Folder now allows you to search search for passwords, and filter Favorites, based on the folder contents (Ref 53.03)
• You can now set an option per Password List to set restrictions on reusing old passwords (Ref 53.04)
• Password protect Password Lists. You now have the option of specifying additional authentication steps prior to viewing a Password List (53.05)
• Navigation Tabs Authentication options. You now have the option of specifying additional authentication steps prior to accessing each of the Navigation Tabs (53.06)
• Multiple documents can now be uploaded to individual password records and Password Lists (Ref 53.07)
• Any tampering of auditing logs is now detected, and reported to Security Administrators (Ref 53.08)
• Password List Templates can now be shared with other users, and all permissions and modifications to a template will log audit events (Ref 53.09)
• Security Administrators can now administer all the Password List Templates stored within Passwordstate (Ref 53.10)
• You can now specify your own custom logo at the top of the Passwordstate screen if you wish (Ref 53.11)
• Secondary Authentication options can now be applied System Wide, to an individual Users Account, or to members of a Security Group (53.12)
• User Acceptance Policies can now also be applied to members of specific Security Groups (Ref 53.13)
• Security Administrator roles can now be applied to members of specific Security Groups (Ref 53.14)
• Provided option to restrict who can Drag n Drop Password Lists and Folders (Ref 53.15)

• Improved the speed of typing when Adding/Editing Passwords - typing and Password Strength Indicator update a lot faster now (Ref 53.16)
• Adding or editing a Password record now opens the screen in a popup window (Ref 53.17)
• Copy and Email Password Links has now been renamed to Password Permalinks, and you can also easily copy the link to the Clipboard now (Ref 53.18)
• You can now specify authentication details for you proxy server if required - used for checking for new builds of Passwordstate (Ref 53.19)
• Added Copy to Clipboard feature for Username field (Ref 53.20)
• All custom images and logos are now automatically replicated to the High Availability instance of Passwordstate (Ref 53.21)
• You can now have different Internet protocols in the URL field instead of just HTTP & HTTPS i.e. FTP can also be launched from this field (Ref 53.22)
• You can now choose who the Primary and Secondary approvers are for Handshake approval requests (Ref 53.23)
• You can now select the default Password List Template to be used when creating new Password Lists - this will copy all settings and permissions (Ref 53.24)
• Disabled Form Autocompletion for Password Texboxes as it can interfere with the Password Strength indicator image (Ref 53.25)
• During a new install we now check if the Passwordstate database already exists, in case upgrade instructions were not followed properly (Ref 53.26)
• Notes field for Passwords records can now include HTML formatting (Ref 53.27)
• Provided the option to specify the Code Page type when exporting or importing data. This can be applied system wide, or per Password List (Ref 53.28)
• Added the Password List image next to the title on the passwords page (Ref 53.29)
• Added real-time email alerting options for when users copy passwords to the clipboard, or viewed passwords (Ref 53.30)
• A visual indicator will now appear at the top of the screen informing Security Administrators of any queued emails (Ref 53.31)
• Improved Audit Reporting to allow reporting for all Activities relating to a Password List, instead of having to select a specific Audit Activity (Ref 53.32)
• Updated Active Directory troubleshooting tips screen regarding Application Pool identities (Ref 53.33)
• Added option for showing a set length for password masking instead of the actual length of the password (Ref 53.34)
• Provided option to disable Expiry Date field for all users except Password List Administrators (Ref 53.35)
• Provided the option to quickly change the settings for an existing Password List based on a Password List Template (Ref 53.36)
• Provided option to autotmatically recalculate Expiry Date value for Passwords, for a set number of days, after the Password has been reset (Ref 53.37)
• Moved the Guide & Password Strength Policy icons to the top right-hand side of the Passwords grid (Ref 53.38)
• Improvements have been made for tracking the renaming of Security Groups in Active Directory, and synchonizing those changes within Passwordstate (Ref 53.39)
• Changed 'Actions' dropdown graphic in grids so icons are more obvious to users (Ref 53.40)
• Administer Bulk Permissions functionality is now available to all users, not just Security Administrators of Passwordstate (Ref 53.41)
• Updated the mouse rollover effect on hyperlinks for better visual appeal (Ref 53.42)
• Added an icon next to the Title of the Password if there are inidividual permissions applied. Clicking on this icon will quickly display the permissions (Ref 53.43)
• Added Audit Log Entries for Successful and Failed Authentication Attempts (Ref 53.44)
• Provided option to enable or disable Password Search Criteria stickiness across multiple screens (53.45)
• You can now choose to display all rows for a grid on the screen if needed (Ref 53.46)
• Provided option for easily cleare the contents of Password search textboxes (Ref 53.47)
• Provided popup information windows for Password Strength Policy and Password Generator options when adding or editing Password List details (Ref 53.48)
• Updated Log Out Screen to inform users of cached credentials if using another persons computer (Ref 53.49)
• Redesigned the secondary authentication options under Administration -> System Settings (53.50)
• Provided option to direct Password access requests to Security Administrators if the Password List has no nominated administrators (Ref 53.51)
• Users can now specify their own ScramblePad Pin Number instead of relying on a randomly generated number (Ref 53.52)
• When searching for users, you can now also search using their UserID - previously just First Name and Surname (Ref 53.53)
• Allow grid columns to automatically resize in width simply by double clicking on the 'drag to resize' heading divider (Ref 53.54)
• Further strengthened the integrity of data in the database to prevent changes direct through the backend (Ref 53.55)
• Updated to the latest version of ASP.NET controls (Ref 53.56)
• Delayed popup of initial Show Tour screen to give Passwordstate time to finish loading (Ref 53.57)
• Made improvements to reduce the possibilities of any Cross Site Scripting vulnerabilities by valformed querystrings or form submissions (Ref 53.58)
• When copying or moving Passwords between lists, the tree structure is now provided so it's easier to determine which Password List you are selecting (Ref 53.59)

• Copy to Clipboard icon positioning was off with Chrome/Firefox (Ref 53.60)
• View or Email Password Link Popup Window not Working from Passwords Home Page (Ref 53.61)
• Some audit activities were not being logged correctly if the user's account was disabled (Ref 53.62)
• Removing access to a Password List was being reported as Access Updated (Ref 53.63)
• The Password Generator options where not being saved to Password List Templates (Ref 53.64)
• With charts turned off, if you selected 'Save Grid Layout', the charts appear again until the screen is next refreshed (Ref 53.65)
• Duplicate permissions were being added for Password Folders - although not noticable to any users (Ref 53.66)
• Emails were being sent when access was granted or removed from Password Lists when the Email Templates were disabled (Ref 53.67)
• New members being added to security groups were not being granted access to any required Password Folders (Ref 53.68)
• Fixed issue where manual AD Sync for Security Groups was not processing deleted accounts in Active Directory (Ref 53.69)
• Could not expand or collapse Password Tree Nodes when using the High Availability instance (Ref 53.70)

Passwordstate 5.3 Build 5302 (17th January 2012)

Bug Fixes

• A deletion of a Password List was not being reported on the screen Administration -> Auditing (Ref 53.01)
• Server Error in '/' Application" error when accessing the Emergency Access feature - caused by the option to hide the 'Auditing' tab from users (Ref 53.02)

Passwordstate 5.3 Build 5300 (21st December 2011)

New Features

• We've introduced a new feature called Emergency Access. This access is only meant to be used when other forms of user authentication are not possible i.e. AD is unavailable, or users are unavailable (Ref 52.11)
• Recycle Bin for deleted passwords. You can now restore deleted passwords from the recycled bin if required (Ref 52.12)
• You can now specify which users (all, none, individuals or security groups members) can create Password Lists, Password Folders, Administer Password List Templates, or request access to passwords (Ref 52.13)
• Provided the feature whereby you can link passwords copying them between Password Lists - all details are synchronized between Password Lists (Ref 52.14)
• Multiple Password Generator options are now possible allowing you to assign each Password Generator to different Password Lists (Ref 52.15)
• User can now choose exactly which email notifications they would like to receive or suppress (Ref 52.16)
• You can now synchronize the enabled/disabled status of an Active Directory account in Passwordstate (Ref 52.17)
• When an Active Directory account is deleted, you can now either choose to delete, disable or ignore the matching user account in Passwordstate (Ref 52.18)
• Modify permissions for Password Lists now has the following options - Add, Edit or Delete passwords (Ref 52.19)
• When users has 'Guest' access to a Password List, you can now choose to allow them to also create new password records (Ref 52.20)
• You can now choose to receive a Daily Audit Report via email showing the past days activities for the Password Lists you have access to (Ref 52.21)
• Provided the option to disable the feature which allows you to purge all auditing records (Ref 52.22)
• Provided option to View or Email another user a direct link to a Password record (Ref 52.23)

• Updated the automatic time-out popup to use a blank background page to prevent gaining access to password records using tools such as Firebug or Chrome's Developer Tools (Ref 52.24)
• Clicking the Password List Guide icon now opens the Guide in a separate window for easier viewing (Ref 52.25)
• When specifying the initial database connection settings, you must now click on the 'Test Connection' button before proceeding (Ref 52.26)
• Updated the page which identifies issues when querying for new builds of Passwordstate - better description and you can specify proxy settings on this page (Ref 52.27)
• Updated to the latest version of .NET Ajax Controls (Ref 52.28)
• Provided descriptions for what each of the Email Templates are intended for (Ref 52.29)
• Provided options to enable or disable all Email Templates (Ref 52.30)
• Updated Installer to check for web server prerequisites prior to performing the installation (ref 52.31)

• The inactivity timeout was not being reset when users click to view or copy a password to the clipboard (Ref 52.32)
• Fixed error of DBNull conversion error when copying passwords between Password Lists (Ref 52.33)
• When the Passwordstate Windows Service was sending the Expiring Passwords Email report, it was registering an error if the user did not have an associated email address (Ref 52.34)
• Auditing function for general users was not filtering records correctly (Ref 52.35)
• View Security Group Membership Graphic not showing properly on 'Add from AD' screen (Ref 52.36)
• Using Chrome, the Grid on the User Accounts page was expanded horizontally beyond the page width (Ref 52.37)
• Importing AD Accounts with a blank surname caused 'Conversion from type DBNull to type String is not valid' when adding the account as a Security Administrator (Ref 52.38)
• Popup message when saving changes to a Password Folder was incorrect (Ref 52.39)
• When Passwords where exported as part of the 'Bulk Update' process, Security Administrators where not being alerted via an email (Ref 52.40)
• Audit events for enabling an Email Template was not reflected properly (Ref 52.41)
• When adding a new password record, the password values can be cleared from the textbox if you change the Account Type image after entering the password (Ref 52.42)
• When searching from the Passwords Home page, not all records were being returned if multiple permissions where applied to the same Password List (52.43)

Passwordstate 5.2 Build 5210 (30th October 2011)

Updated Features

• Made further changes to the Passwordstate Windows Service to mitigate against Security Groups being removed from Passwordstate if an error was experienced querying Active Directory (Ref 52.04)
• Made further improvements for detection of Active Directory settings during the initial setup of Passwordstate (Ref 52.05)

• When the authentication option for manually specifying your Active Directory username and password was chosen, it was not authenticating against secondary trusted domains (Ref 52.06)
• 'String or binary data would be truncated' error was received when trying to save the number of grid rows in the screen Administration -> Password Folders -> View Folder Permissions (Ref 52.07)
• Scrollbars were showing on the add/edit pages for Password Strength Policies when they didn't need to be (Ref 52.08)
• Reintroduce several bugs previously found in the Passwordstate Windows Service (Ref 52.09)
• Previously you were able to enter 0 for the field 'Preferred Length' field for a Password Strength Policy. This was causing an error regarding 'too large or too small for a Decimal' when viewing the Password List (Ref 52.10)

Passwordstate 5.2 Build 5203 (22nd October 2011)

Bug Fixes

• Conversion error was experienced when trying to copy password records between Password Lists when the record did not have a document attachment (Ref 52.01)
• Initial setup procedure was executed again after updating license information from the page Administration -> User Accounts (Ref 52.02)
• When columns are added/deleted from a Password List, the changes are now shown immediately in the grid view for all users - this was not always the case previously(Ref 52.03)

Passwordstate 5.2 Build 5200 (3rd October 2011)

New Features

• Passwordstate now supports Region Settings (Locales) for individual user accounts which are in different time-zones (Ref 51.38)
• You can now upload documents and attached them to individual Password records (Ref 51.39)
• You can now have multiple Password Strength Policies, and apply them to different Password Lists (Ref 51.40)
• You can now hide the Auditing tab from users if required (Ref 51.41)
• Multiple options are now available for automatically hiding visible passwords - a set time period, or variable time periods based on password complexity or length (Ref 51.42)
• Security Administrators can now be alerted via email if users export passwords to a csv file (Ref 51.43)
• Provided option to hide the Recent Activity Grid from all users based on their permission to the relevant Password List (Ref 51.44)
• On the main Passwords page, you can now choose to display the Actions Toolbar (Add Password, Import Passwords, List Administrator Actions, etc) at either the top, bottom or top & bottom of the Passwords Grid (Ref 51.45)
• You now have the ability to administer Password Folders from the Administration area of Passwordstate (Ref 51.46)
• Security Administrators can now choose to make the ScramblePad Authentication option mandatory for individual user accounts (Ref 51.47)

• You can enable/disable the following options - Create Shared & Private Password Lists, as well as Password Folders (Ref 51.48)
• You can now decline a Handshake Approval without the second approver being online (ref 51.49)
• Improved Email Template Editor and provided help and functionality for inserting various Variables (ref 51.50)
• Security Administrators can now specify most User Preferences for them within the Administration -> User Accounts area (Ref 51.51)
• Updated to the latest version of ASP.NET Ajax components (Ref 51.52)
• Now show progress animated graphic when navigating between pages in Grids (Ref 51.53)
• The Passwordstate web site now has its own dedicated Application Pool in IIS (Ref 51.54)

• Dramatically improved the performance of query large Password Lists which had duplicate permissions applied for users or security groups (Ref 51.55)
• On occasion, some 'action' drop-down menus within Grids was not being displayed correctly (Ref 51.56)
• Fixed issue where the 'star' Password Strength indicator graphic would remain on a fixed position on the screen when the page was scrolled (Ref 51.57)
• Fixed issue with Internet Explorer browser where Password List navigation tree was not being automatically updated when a new Password List or Folders were added (Ref 51.58)
• Fixed scrollbars not appearing on some pages when using small screen resolutions (Ref 51.59)
• System.Threading.Thread.AbortInternal() error when apply permissions for a Security Group which had no members belonging to it (Ref 51.60)
• When viewing some Permission 'Access Notes', error Conversion from type 'DBNull' to type 'String' is not valid was experienced (Ref 51.61)
• The Passwordstate Windows Service was unable to read the database connection string in the web.config file is the connection string was encrypted. It can now successfully decrypt the connection string (Ref 51.62)
• Clicking on a visible Password in the grid view was not immediately hiding it (Ref 51.63)

Passwordstate 5.1 Build 5137 (20th August 2011)

Updated Features

• During the intial setup, you are now given the opportunity to review/change your Active Directory Domain details if required (Ref 51.37)

• Incorrect user session after log out/in with different accounts when using the option specify AD domain credentials manually (Ref 51.29)
• JPG Images not showing when adding/editing new Password Lists, or password records (Ref 51.30)
• Automatic session timeout not working when using the manual Active Directory authentication method (Ref 51.31)
• Made improvements to prevent NULL fields being added to Auditing table as audit events coincide with session timeouts (Ref 51.32)
• Number of images in images/LookupImages folder does not match the number of records in the AccountTypes table (Ref 51.33)
• Issue with Chrome browser where Password List navigation tree was not being automatically updated when a new folder was added (Ref 51.34)
• Added scrollbars to initial setup pages for use on lower resolution screens (Ref 51.35)
• Occasionally users were not given access to Password Folders when Password Lists were dragged into them (Ref 51.36)

Passwordstate 5.1 Build 5128 (9th August 2011)

Updated Features

• Provided further debug information for Passwordstate Service when writing to the application event log (Ref 51.26)
• Updated to the latest version of ASP.NET Ajax components (Ref 51.27)
• Made modifications to the Passwordstate Windows Service when quering Active Directory Security Groups - on occasion, some Security Groups were being removed if AD could not be queried (Ref 51.28)

• Corrected spelling mistake when hovering over notification of new build being available (Ref 51.22)
• Emails were not being sent from the Passwordstate Windows Service if account authentication details were set to NULL in the database (Ref 51.23)
• Remove AuditID column value when exporting audit records to a csv file (Ref 51.24)
• Fixed 'Conversion from type DBNull to type String is not valid' error when querying audit records if the user's first name or surname was set to NULL in the database (Ref 51.25)

Passwordstate 5.1 Build 5121 (16th July 2011)

Bug Fixes

• Importing CSV files now correctly imports Unicode characters (Ref 51.19)
• Fixed horizontal scrollbar being missing on normal Passwords page for small screen resolutions (Ref 51.20)
• Fixed a type for requesting access to Passwords in the 'Select an Action' dropdown list (Ref 51.21)

Passwordstate 5.1 Build 5118 (12th July 2011)

New Features

• Provided the option to prevent exporting Passwords for Private Password Lists (Ref 51.17)

• Generating the 'Export Password Strength Report' for Private Password Lists was not returning any results (Ref 51.18)

Passwordstate 5.1 Build 5116 (10th July 2011)

Bug Fixes

• Provided an option to specify the use of a proxy server when Passwordstate queries the Click Studios web site for new updates. This was causing initial load delays for organizations who do not support direct Internet access (Ref 51.16)

Passwordstate 5.1 Build 5115 (9th July 2011)

Updated Features

• Relabelled 'Import from AD' button for user accounts to 'Add from AD', so it is more obvious you are not imported all AD accounts (Ref 51.14)
• Made modifications to Bad Password reporting to improve performance of Password Lists with a large number of records (Ref 51.15)

• Fixed spelling errors in guided tour (Ref 51.12)
• Fixed an upgrade problem from Version 4.5 whereby the visibility of Password grid columns was not being saved (Ref 51.13)

Passwordstate 5.1 Build 5111 (5th July 2011)

Bug Fixes

• Fixed problem where Annual Support license key would not register correctly when using version 5.1 of Passwordstate (Ref 51.11)

Passwordstate 5.1 Build 5110 (4th July 2011)

New Features

• Added the option whereby new users to Passwordstate are asked if they wish to take a tour highlighting the key features (Ref 51.06)
• Added the option whereby Security Administrators can automatically be granted Admin access to all new Shared Password Lists as they are created (Ref 51.07)

• Added some database indexes to improve database query performance (Ref 51.08)
• All ViewState is now compressed on all pages for better performance (Ref 51.09)
• Added additional tips to the Guided Tour feature (Ref 51.10)

Passwordstate 5.1 Build 5105 (1st July 2011)

Bug Fixes

• Hiding the Statistics chart on the default Password Home Page was causing the page not to load (Ref 51.05)

Passwordstate 5.1 Build 5104 (28th June 2011)

Bug Fixes

• If newly created Password Lists was dragged underneath a parent Password List or Folder, the parent Password List/Folder would be moved to the root of the Password navigation tree (Ref 51.03)
• The 'Confirm Password' textbox when adding/editing Passwords in Chrome/Firefox was right aligned (Ref 51.04)

Passwordstate 5.1 Build 5102 (27th June 2011)

Updated Features

• Improved the way Password Folders are share with other users. If a Password List is dropped into a deeply nested Password Folder, permissions will be applied to all the folders up the navigation tree now, instead of just the immediate parent node (Ref 51.01)
• Provide the option whereby the Security Administrators can specify what a users ScramblePad Pin number is, instead of just creating a random one (Ref 51.02)

Passwordstate 5.1 Build 5100 (26th June 2011)

New Features

• Password Lists can now be organised within folders (Ref 50.33)
• The navigation tree structure for Password Lists is now shared with all users who have access to the Password Lists (Ref 50.34)
• The notes field for passwords is now searchable across all screens (Ref 50.35)
• Added an option to add one password after another, instead of returning back to the Passwords screen every time you add a new password (Ref 50.36)
• Added an option which allows restricting of searching for users (when applying permissions) to only users who are in the same Security Groups as the person granting the access (Ref 50.37)
• Provided 3 authentication options when using Integrated AD Authentication (Ref 50.38):
Pass through authentication from your web browser to Passwordstate (does not require use to type user name & password)
Require users to enter user name & password after they have manually, or been automatically, logged out of Passwordstate
Require users to enter user name & password every time they wish to use Passwordstate - including after they have been logged out
• Added option whereby Security Administrators can be alerted to failed login attempts into Passwordstate (Ref 50.39)
• Added the concept of 'Bad Passwords', whereby users are informed a password they are trying to add/edit is deemed to be bad - and the appropriate strength indicator is shown (Ref 50.40)
• Added two new options to the Password Generator - 1. Insert Word Phrases randomly into Alphanumeric passwords, and 2. Provide 'No Separation' option between Word Phrases (Ref 50.41)
• Added the option for the Password Generator to ensure passwords meet a minimum password complexity (Ref 50.42)
• Added 'Access Notes' for when granting permission to passwords, so reasons can be journaled if required (Ref 50.43)
• Optional timer for automatically hiding passwords when a user views them in the password grid view (Ref 50.44)
• Optional timer for automatically clearing the clipboard after passwords have been copied to it (Chrome and Firefox users are presented with a button they must click on the clear the clipboard) (Ref 50.45)
• Added the option for Security Administrators to enforce the same Password Generator options for all users (Ref 50.46)
• Added the ability to create templates for Password Lists, where preferred options can be reused when creating new Password Lists (Ref 50.47)
• When creating a new Password List, you can now base all the settings on an existing Password List, as well as copy the permissions if required (Ref 50.48)
• Within the 'Screen Options' for Password Lists, you can now choose to apply the visibility of columns to the current Password List, selected Password Lists, or all Password Lists (Ref 50.49)
• On the 'Passwords Home' page, we've added the option where you can choose which columns are visible for the 'Search Results' and 'Favorite Passwords' (Ref 50.50)
• On the 'Passwords Home' page, you can now hide 'Favorite Passwords' if you do not wish to see them (Ref 50.51)
• Provided the option whereby users can request access to Password Lists or individual passwords (actual passwords are not displayed). Either of these options can be enabled or disabled (Ref 50.52)

• Update to the most recent version of ASP.NET Ajax Controls (Ref 50.53)
• When scrolling down the page and clicking on the 'Copy to Clipboard' graphic, no longer are you returned to the top of the page - scrolling position isn't affected (Ref 50.54)

• User's were able to save the expand/collapse state for the Password List navigation tree nodes when using the High Availability module (Ref 50.55)
• When exporting Passwords from the 'List Administrator Actions' dropdown list, removed the Favorite Password indicator column (Ref 50.56)
• If the 'Description' field for a password record had double quotes in it, an audit record was not being added when a user copied the password to the clipboard (Ref 50.57)

Passwordstate 5.0 Build 5032 (13th June 2011)

Bug Fixes

• Could not create a new Password List from the general user area of Passwordstate (introduce in build 5031) - clicking on the 'Save' button gave no response (Ref 50.32)

Passwordstate 5.0 Build 5031 (7th June 2011)

Bug Fixes

• Could not create a new Password List from the Administration -> Password Lists area - clicking on the 'Save' button gave no response (Ref 50.31)

Passwordstate 5.0 Build 5030 (20th May 2011)

Updated Features

• Changed drag and drop nature for grid columns so it inserts the column instead of swapping (Ref 50.28)
• Modified adding of new Password Lists so Security Administrators can allow or disallow either Shared or Private Password Lists (Ref 50.29)
• Disabled the ability for adding permissions to Private Password Lists (Ref 50.30)

Passwordstate 5.0 Build 5027 (19th May 2011)

Updated Features

• Updated to the latest version of ASP.NET Ajax components (Ref 50.27)

• 'Account Type' field was being treated as a mandatory field (when it shouldn't have been) when adding/editing passwords (Ref 50.23)
• Spelling mistake in 'Grid Layout Actions' drop-down list (Ref 50.24)
• Reorganizing grid columns was not being saved when clicking on 'Save Grid Layout' (Ref 50.25)
• Applying 'Bulk Permissions' for Active Directory security groups was not working properly for permission type Modify (Ref 50.26)

Passwordstate 5.0 Build 5022 (4th May 2011)

Bug Fixes

• Fixed issue whereby the approver's names for Handshake Requests approvels was not being displayed correctly (Ref 50.22)

Passwordstate 5.0 Build 5021 (28th April 2011)

Updated Features

• If a user's account is disabled, their access to Passwordstate will be disabled immediately - previously it required them to start a new session to received the disabled message page (Ref 50.21)

• When viewing all User Accounts, any disabled accounts did not have the 'Disabled' flag shown correctly (Ref 50.18)
• Time-based access to Password Lists and individual passwords was not being correctly removed at the specified time (Ref 50.19)
• Password Reset Recommendation emails where being sent to disabled User Accounts (Ref 50.20)

Passwordstate 5.0 Build 5017 (19th April 2011)

Updated Features

• Improvements to auditing whereby all records are shown by default - no longer are you forced to filter by specific Password Lists or Events (Ref 50.17)

• Further improvements to the Image dropdown list being cutoff at the bottom of the browser when adding or editing Password Lists. (Ref 50.15)
• Scrollbar was not showing when clicking on the Password List dropdown list for auditing screens (Ref 50.16)

Passwordstate 5.0 Build 5014 (12th April 2011)

Updated Features

• Updated the 'Share Navigation Tree View' page to inform the user the settings are only applied once when clicking the save buttons - it does not get applied ongoing (Ref 50.14)

• When using ScramblePad Authentication, the error "Incorrect syntax near the keyword 'DEFAULT'." was received when logging in, but only after the browser window had been idle longer than the time specified for 'Inactivity Time Out' in the Administration area (Ref 50.12)
• When using ScramblePad Authentication and prompted with the logout screen, you weren't asked to log back in using the ScramblePad authentication (Ref 50.13)

Passwordstate 5.0 Build 5011 (9th April 2011)

New Features

• You can now share your Password List Navigation Tree View with other users (Ref 50.11)

Passwordstate 5.0 Build 5010 (8th April 2011)

New Features

• Increased the countdown timer for generating the initial ScramblePad pin to 30 seconds (Ref 50.10)

Passwordstate 5.0 Build 5009 (6th April 2011)

Bug Fixes

• Could not purge Audit records when using the High Availability module - SQL Server replication prevented it (Ref 50.07)
• When using the High Availability module, clicking on the button to purge Audit Records incorrectly reported the records were going to be purged (Ref 50.08)
• When Copying or Moving passwords between Password Lists, the popup window would not close when using Firefox (Ref 50.09)

Passwordstate 5.0 Build 5006 (3rd April 2011)

Updated Features

• Updated to the latest version of ASP.NET Ajax controls (Ref 50.05)
• Updated logout screen to provide the option to log back in (Ref 50.06)

• The Image dropdown list was cutoff at the bottom of the browser when adding or editing Password Lists. Only effected small screen resolutions (Ref 50.01)
• When an unregistered users browses to the Passwordstate web site they receive the error - 'Incorrect syntax near.... DEFAULT' (Ref 50.02)
• When exporting data to csv, some non-english character sets where not being translated correctly (Ref 50.03)
• Improved memory consumption for w3wp.exe process (IIS Worker Process) (Ref 50.04)

Passwordstate 5.0 (19th March 2011)

New Features

• Complete new user interface
• New and improved home page for searching across all Password Lists, quick access to favorites, and statistics for most active users and passwords
• Improved role-based access – read, modify and admin permissions to Password Lists and individual passwords
• Logical grouping of Password Lists in a navigation tree
• Customised fields per Password List
• Time-based access to passwords and Password Lists – either at a specific date, or when someone changes a password
• Handshake Approval for access – two List Administrators must approve access before a timer elapses
• Copy or move passwords between Password Lists
• 32 different audit items are now tracked and reported
• Active Directory or Forms-Based authentication
• Optional secondary ScramblePad authentication for Active Directory Integrated Authentication
• Local or Active Directory Security Groups can be used for assigning permissions
• Synchronize access via Active Directory Security Groups membership
• 12 different roles for Security Administrators of Passwordstate
• Word phrases added to the Password Generator
• Set expiry date on user accounts registered in Passwordstate – useful if someone was leaving your company
• Password reset recommendations when someone’s access to Passwordstate or Password Lists is removed
• High Availability module available – read only copy, using SQL Server to replicate data
• Prior to importing data into Password Lists you can now perform a Test Import to first validate your data

Passwordstate 4.5 (9th November 2010)

New Features

• Added Random Password Generator allowing bulk creation of passwords (Ref 45.01)
• Added optional feature for automatically generating a random password when creating a new password record (Ref 45.02)

• Fixed a bug where IPv6 IP Addresses could not be added to the Audit table (Ref 45.03)

Passwordstate 4.4 (31st October 2010)

New Features

• Added feature whereby you can quickly filter the grid columns by pressing the Enter key - as opposed to selecting one of the filter types from the dropdown list (Ref 44.01)
• Added feature whereby the filtered state of grids is maintained across multiple pages (Ref 44.02)
• Added improved notification for saving grid layouts, and when passwords are copied to the clipboard (Ref 44.03)
• Added feature where you can bulk update passwords in a Shared Password List (Ref 44.04)
• Added two additional reports (formatting improvements) (Ref 44.05)

• Fixed issue where proxy servers were caching some page content (Ref 44.06)
• Fixed bug in 'User Access to Passwords' report whereby a user's firstname or surname may not have been displayed if the previous user's firstname or surname was the same (Ref 44.07)
• Fix bug introduced in 4.3 where the characters < > & weren't displayed correctly when viewing passwords in the grid view (Ref 44.08)

Passwordstate 4.3 (24th October 2010)

New Features

• Added the feature whereby you can show/hide the passwords in the grid view simply by clicking on them (Ref 43.01)

• Fixed issue where storing the value of password in the Password field caused a duplicate Control ID when editing the record (Ref 43.02)
• Fixed Unhandled Exceptions error when accessing User Accounts area (Ref 43.03)
• Fixed issue where long password fields where bleeding into other grid columns - they now wrap correctly (Ref 43.04)
• Fixed issue where password strength was not always displayed correctly (Ref 43.05)

Passwordstate 4.2 (27th July 2010)

New Features

• Added feature whereby access to multiple Shared Password Lists can be administered for a user, instead of individually (Ref 42.01)
• Supports new Registration Key format (Ref 42.02)
• Added copy password to clipboard feature (this also adds an audit record) (Ref 42.03)

• Improved error checking for NTFS file permissions (Ref 42.04)
• Fixed issue error whereby spaces in Active Directory usernames was reporting corrupted data in the database (Ref 42.05)
• Fixed issues whereby imported CSV files where not being deleted after import completed (Ref 42.06)
• Fixed issue whereby it was possible to grant a user access to a Shared Password List multiple times (Ref 42.07)

Passwordstate 4.1 (27th December 2009)

New Features

• Provide further protection against the decryption of sensitive data by someone writing targeted asp.net code (Ref 41.10)
• Made improvements to all grid objects to improve loading time (Ref 41.11)
• Password fields of the same value no longer show the same encrypted value in the database (Ref 41.14)

• When enumerating an Active Directory security group, it did not clear the results of the 'Users' textbox each time you enumerate - it appended to the existing entries (Ref 41.01)
• For any date fields in grid view, the filter icon was wrapped to a second line, regardless of how wide the column was (Ref 41.02)
• Filtering on 'Status' in User Accounts grid was not functioning correctly (Ref 41.03)
• Error when using 'Editor' componenent - could not find a part of the path 'c:\windows\system32\inetsrv\~\App_Code\RadEditorToolbar.xml'. Moved xml file to App_Data to support new ASP.NET precompilation (Ref 41.04)
• System Setting Screen - hour drop down list was not visible properly like minutes (Ref 41.05)
• User Acceptance Policy (UAP) data wasn't added to the database when upgrading from version 3, and when changing between using and not using a UAP, the navigation panel wasn't updated unless you refresh the whole browser window (Ref 41.06)
• When turning on password protecting the Administration area, the requirement to log in wasn't working until you next started to use Passwordstate (Ref 41.07)
• If a user tried to add a record to the database which has either of the characters < or >, they get an error about 'A potentially dangerous Request.Form value was detected from the client' (Ref 41.08)
• After viewing a password history record within the 'Shared Password Lists' section, returning to previous screens by clicking the 'Back' button would produce an error reading the database (Ref 41.09)
• Fixed issue where Database Administrators could change ownership of Personal Passwords via the back-end database (Ref 41.12)
• Fixed issue where password strength was not being correctly reported within the 'Administration' area (Ref 41.13)

Passwordstate 4.0 (14th October 2009)

New Features

• Password Strength Policy. Security Administrators are now able to specify a Password Strength Policy, providing users with visual representation of password strength when either entering passwords, or reporting against them (Ref 40.01)
• Grid View Improvements. Various improvements have been made to the grid view on all pages, relating to usability and compliance to web standards (Ref 40.02)
• Highlighting of Expiring Passwords in Grid View. Expired, or expiring passwords, are highlighted in red on the grid view, providing users with a reminder that the password must be reset (Ref 40.03)
• Save Grid Layout Notification. Users are now notified each time they save any changes to the grid view layout (Ref 40.04)
• Enable/Disable Email Templates. Security Administrators are now able to enabled or disabled individual email templates, preventing users from being notified when certain events are triggered (Ref 40.05)
• User Acceptance Policy Improvements. ‘Mandatory User Acceptance Policy’ must now be read and accepted prior to users being able to use Passwordstate – previously closing the popup window would allow access (Ref 40.06)
• Log failed attempts at Accessing the ‘Administration’ area. An audit record is now added when non Security Administrators try to access the ‘Administration’ area (Ref 40.07)
• Export and Purge Audit Table Records. Security Administrator’s are now able to export and purge all records from the Audit table, assisting with archival of aged data (Ref 40.08)
• Popup Window Improvements. When a popup window is displayed e.g. User Acceptance Policy, background information is now greyed out, giving the popup window more focus (Ref 40.09)
• Password Masking on Add/Edit Pages. A preference option is now available to all users allowing them to show or hide (mask) passwords on each of the add/edit pages. This default preference can also be overridden on each of the pages if the user chooses to (Ref 40.10)
• Multiple Active Directory Domain Support. Multiple Active Directory domains are now supported, including domain account authentication, and cross domain querying for account management (Ref 40.11)
• Audit Visibility for all Users. Audit information is now available to all users, providing history of changes to personal passwords, and any shared passwords they have been granted access to (Ref 40.12)
• Expiring Passwords Calendar View. A calendar view is now available showing when passwords are scheduled for expiry. The calendar shows both personal and shared passwords (Ref 40.13)
• New Passwords Home Page
• Email Improvements. In addition to sending emails via anonymous SMTP, sending from an authenticated mailbox is now possible (Ref 40.15)
• Expiring Passwords Email Report. The Expiring Passwords popup window reminder has now been removed, and replaced with an automated email report. System Administrators can specify at what time of the day the emails are generated, and users can elect to receive the report either daily, weekly or monthly (Ref 40.16)
• Emailing From Grid View. Security Administrators can click on a users email address in the User Accounts grid view, initiating the creation of a new email through the user’s email client (Ref 40.17)
• Updated Ajax Components. All Ajax components have been updated to the current release, providing better performance and patches to known bugs (Ref 40.18)
• Password Strength Compliance Report. Based on the predefined password strength rules set by the Security Administrator(s), a report can now be run showing policy compliance (Ref 40.19)
• Improved Online Help. Improvements have been made to the online help within Passwordstate, with detailed instructions now available for all screens (Ref 40.20)

Passwordstate 3.1 (1st June 2009)

Updated Features

• Updated help file for specifying a value for the 'Domain Name' field in System Setting screen - explains how to specify LDAP query string for large Active Directory implementations (Ref 31.07)
• When querying users or security groups in Active Directory (when adding users), an animated progress graphic is displayed whilst the query is executing (Ref 31.06)
• Changed compare history pages so the passwords are masked by default (Ref 31.05)

• Certain special characters in the Password field was causing issues with displaying the password in the grid view and password history screens (Ref 31.08)
• Made various hyperlinks more apparent by setting 'text-decoration' property to 'underline' (Ref 31.04)
• Fixed issue where granting access to a Shared Password List for a user was not displaying any search results (Ref 31.03)
• Fixed issue when exporting passwords where a string field was being incorrectly interpretted as a date field (Ref 31.02)
• fixed data import issue from version 2 where rogue user accounts where assigned to shared password lists (Ref 31.01)

Passwordstate 3.0 (30th March 2009)

New Features

• Completely rewritten in ASP.NET and AJAX technologies
• History of changes to passwords is now maintained
• Visual comparison of password history records
• Receive email notifications when changes are made to Shared Password Lists (Add, Edit or Delete)
• Password reset reminders
• New 'List Administrator' role for controlling who has access, and who can modify
• Import & export capability for most areas within Passwordstate
• New grid object which allows intelligent filtering of all data
• User can now specify what they wish their default page to be - Personal Passwords, all Shared Password Lists, or a specific Shared Password List
• End-to-end event auditing
• Customised email templates. Security Administrators can now customise the emails Passwordstate generates
• Shared Password List reporting. Security Administrators can now see and administer all Shared Password Lists
• 2nd level password protection for 'Administration' area is now possible
• Active Directory lookup for adding new users to Passwordstate
• User Acceptance Policy. Security Administrators can choose to display a User Acceptance Policy for Passwordstate Usage
• 256bit AES data encryption and code obfuscation
• Unique initialisation vector per installation
• Automatic logout period can be specified to kill inactive sessions
• Passwordstate now only supports Integrated Windows Authentication
• Enable or disable accounts
• Online help

• Various bug fixes from version 2.0