Click Studios

We use cookies to understand how visitors interact with our website and measure the performance of our advertising campaigns.
Click "Accept" to allow this and hide this message.

Passwordstate 10 Changelog  (Version 9 Changelog)

Passwordstate 10.0 - Build 10000 (4th May 2026) - Beta 1 Database Schema Updates in this Build

New Features

  • Introduced a brand-new modern UI with light and dark themes
  • Added support for synchronizing Entra Security Groups and User Accounts
  • Added a new Job Scheduling Engine to centralize the management, execution, and auditing of operational scripts, including Passwordstate API scripts
  • Added a new User-Based API, which gives users the same access they have when logged in to the UI
  • Added new API methods for managing Host Folders and Remote Session Credentials
  • Added a new webhook integration for delivering audit events to external systems
  • Introduced a new licensing requirement requiring customers to register their Authorised Web Servers with Click Studios
Updated Features
  • Updated system requirements - Passwordstate System Requirements
  • Rewrote the Syslog integration to support TCP + TLS, event selection, and event severity classification
  • Rewrote RADIUS authentication, which now supports MSCHAPv2
  • Renamed Bad Passwords to Blacklisted Passwords
  • One-Time Password codes can now be shown on Passwords Home and in Password Folders
  • Mobile App can now connect to multiple Passwordstate instances
  • Added a new Test option to the re-encryption feature, allowing you to report on possible corrupted records before re-encrypting
  • Added a configurable Time To Live (TTL) option for temporary Remote Session Tokens
  • Local Windows accounts can now be configured to use a Privileged Account Credential to perform password validations
  • Local Windows accounts can now be configured to reset themselves, no longer requiring a Privileged Account Credential
  • Security Administrators can now hide tabs and options in User Preferences
  • Duo Push can now be sent automatically upon login
  • Duo authentication buttons can now also be selectively hidden on login screens
  • Security Administrators can now create Scheduled Reports that are not owned by any specific user account
  • Added five new auditing record types for managing folders and their permissions under the Hosts tab
  • When the sAMAccountName for an Active Directory account is updated, it will now automatically update on the User Accounts screen in Passwordstate, as well as in all related database records
  • The Manual Synchronization option in the UI for AD Security Groups has been changed to trigger synchronization via the Passwordstate Windows Service
  • Deprecated the feature that allowed Security Administrators to impersonate other users from the Administration -> User Accounts screen
  • Deprecated the feature that allowed custom CSS to be specified for the core Passwordstate product
  • Deprecated the combined login screens for AD/Local accounts and MFA; separate screens are now used
Breaking Changes
  • Native RSA SecurID has been deprecated. SAML Authentication can be used instead if your environment is configured to support it
  • For the Standard API, API keys used within the URL query string are no longer supported
  • Specific API controllers for Devolutions Remote Desktop Manager have been deprecated. Please use the regular API controller methods instead