Passwordstate 8.6 - Build 8691 (18th May 2019)

• Changed the AD Search functionality to exclude computer objects when looking for user accounts
• Made further security improvements to the execution of PowerShell scripts

• Fixed issues with the Browser Based Gateway where the browser tab could close in certain browsers if the authenticating username or password was incorrect
• Using the Heartbeat icon on the Privileged Account Credential screen was now working if the System Setting option to hide the password was set to yes

Passwordstate 8.6 - Build 8687 (14th May 2019) 

• Added additional debugging, and a visual indicator, if records are getting stuck int the Password Reset Queue due to an unexpected exception
• Password Reset Portal Windows Credential Provider now supports usernames with full stops in the samAccountName attribute
• Made a change to launching URLs for password records to support the PasswordID being passed as a parameter to the URL

• Fixed an 'Object reference not found' error when using the Add Password List Wizard, due to the 'Standard Password List' Template being renamed in the system
• The additional authentication option after SAML authentication was not working when using the Forms Based Authentication version of Passwordstate
• It was possible a Privileged Account Credential could have shown more than once on the Privileged Accounts Credential screen, if duplicate permissions were applied
• Fixed an issue where scheduled backups where failing due to the SelfDestruct.db file being locked and in use
• Brute force attack protection for authentication may not have been working depending on specific email alert settings

Passwordstate 8.6 - Build 8679 (26th April 2019)

• Added confirmation pages for deleting Password Lists, and Folders from the Admin area, where users need to acknowledge they understand the deletion is an irreversible process
• Auditing data will now be retained when deleting Password Lists
• Added a 'Feature Access' option to choose which users are allow to see various feature buttons on the Hosts Home page
• Changed the default setting for enabling session recording to False when adding new host records

• Fixed a UI issue on the Edit Password record screen for the Launch Remote Session button when changing the account type from AD to any other account type
• Fix an exception when you click on a Password List on the screen Administration -> Password Lists. Exception was "Couldn't store <> in ResetStatus Column"
• Fixed a database integrity error when trying to view the Pending Access Request screen if a password record had been moved to a different Password List - the user will now be informed the Access Request has been denied instead
• Dependency Discovery Jobs may not have reported the correct Password List name if the dependency existing in a different Password List compared to what the Job was configured for
• When exporting all shared passwords from the screen Administration -> Export All Passwords, the 'Formatted CSV' was raising an exception

Passwordstate 8.6 - Build 8670 (16th April 2019) 

• If the 'Provide a Reason' option is selected for a Password List, then the menu 'Remote Session Launcher with these Credentials' will now be disabled, as you need to open the record and specify a reason before launching the session
• Updated the Client Based Remote Session Launcher so that determine the OS Architecture type works for different languages
• When using the Manual Launch button for Remote Sessions, users will be asked to 'Provide a Reason' for using credentials from Password Lists which have this option configured
• You can now choose to send Emails for Permalinks either via the user's email address, or the mailbox being used for sending most other emails
• Added a new System Setting option to hide the 'Copy or Email Password Permalink' menu
• On relevant Discovery Job screens, a new tab has been added so you can query live which Host records will be queried as part of the discovery job execution
• Added an option to delete Discovery Job results History
• Notes field for password records can now store unlimited characters
• The Error Console screen will now also show exceptions possibly caused by Anti-Virus software on the Passwordstate web server
• Microsoft SQL Accounts can now be reset using an Active Directory account as the Privileged Account Credential
• Made changes to MSSQL Discovery Job to allow AD Accounts to be used for the Privileged Account Credential
• You can now specify multiple different names for the Local Administrators Security Group for the Windows Local Admin discovery job
• Add a new Active Directory account Discovery job, where OUs or Security Groups can be queried, with accounts being imported into a Password List

• Fixed an issue in both APIs where generating 100's of random passwords could have produced duplicated passwords
• A successful account verification for the Password Reset Portal when using Questions and Answers was not reporting the correct Verification Policy in the Auditing data
• Account Discovery Jobs for Remote Site Locations was not reporting any errors to the History of the Job, only to the emails sent for the job
• Non Security Administrators could not access the Auditing Graphs main menu
• Fixed an exception when trying to use the 'Test Email' button on the Email Template page if there was no email address associated with the user's account

Passwordstate 8.6 - Build 8652 (22nd March 2019)

• Fixed an issue with the Windows Integrated API where debug data was left in Auditing data for Firstname and Surname fields
• It was possible the Auditing Description field was blank when making API calls to retrieve a Password List settings

Passwordstate 8.6 - Build 8650 (21st March 2019) 

• Added support to perform Password Resets and Account Heartbeats on Office 365 and Azure AD accounts
• Added a System Setting option where Security Administrators can only manage Privileged Account Credentials within the Administration area if they have explicit permissions to them
• Added a new System Setting option to hide passwords when editing a Privileged Account Credential within the Administration area
• Added a new System Setting option to hide user's configured 2FA Secret Keys on their Preferences screen
• User's 2FA Secret Keys will no long be visible in the Administration area when editing a user's account
• Made some changes to improve the email alerts for accessing the Emergency Login page to try and report who the accessing user is
• Windows Dependency Discovery script updated to ignore invalid accounts names based on imported xml files for scheduled tasks
• Made changes to both APIs to reduce the amount of calls to the database for the Force SSL and Allowed IP Ranges options
• Made various security improvements, including Brute Force detection login failure to Password List authentication screens
• Provided an option where you can specify which users are allowed to send Self Destruct Messages from Password records
• When prompted to save web site logins with the Browser Extensions, the list of Password Lists will now be sorted alphabetically based on the Folder Name \ Password List Name structure
• Removed the requirements for jQuery UI javascript library

• Some controls on various pages were not disabled when using the Passive High Availability instance
• Fixed an issue with the Browser Based Launcher where it may have been possible to see a message 'Please wait while connecting..." when trying to perform remote sessions
• Fixed an error when trying to save the Password Policy for Password Reset Portal where the Failed Password Reset error message was more than 500 characters
• Fixed an issue trying to view the Hosts Types & Operating Systems screen in the Administration area where it could have reported that the column HeartbeatSuccess did not exist
• Made changes to the Windows Integrated API to avoid account collision when issuing simultaneous multi-threaded calls to the API
• Fixed an issue when logged in with the Emergency Access login where you could not enable Maintenance Mode from the Encryption Key rotation screen
• When using the Administer Bulk Permissions feature from under the Passwords tab, an 'Object Reference' exception was being raised when removing 'View' permissions
• The System Setting for granting Security Administrators access to Shared Password Lists when they were being created, was not being honoured when used in conjunction with the setting to automatically create a new Shared Password List for new User Accounts
• Adding a Password List via the API, without copying setting from a Template or Password List, was not adding a record in the PasswordListColumnSettings table - causing issues for the Self Destruct Message feature
• On the Add Password screen, the 'Have I Been Pwned' button was not working due to a JavaScript error
• Fixed an issue where API Auditing data was being moved to the Auditing Archive table daily when it should not have been

Passwordstate 8.6 - Build 8627 (26th February 2019) 

• Added support for Yubikey authentication for both main UI and Mobile Client
• When an approver approves access to a Password Record, they also have the option of resetting the password when the user's access expires
• The Ignored URL option for the Browser Extensions, will now also prevent any form element scanning for designated URLs
• Extended the session inactivity timeout setting on the High Availability upgrade screen for slow performing networks
• When approving Requests for Access, the approver can now modify the details of the request before approving
• Added a new Restricted Feature, to prevent adding new PowerShell scripts, or modifying existing scripts
• Made some changes to execute on PowerShell scripts to raise exceptions if certain reserved words are using in scripts
• Made improvements to the initial setup wizard, to ensure required fields have been specified
• Changed the setup screen where you create the first user account to allow more than 30 characters in length for the UserID field
• An additional authentication option can now be specified, post successful SAML authentication
• Added a System Wide setting, and user settings, to specify the Keyboard Layout type to use when performing RDP sessions with the Browser Based Launcher
• Made various improvements for form filling web sites for each of the browser extensions
• Made various security improvements to the Password Reset Portal
• Added a System Setting option to hide selected authentication options on the user's Preferences screen
• If password records are configured for exclusive checkout, then they will be checked out automatically when using the Remote Session Launchers

• Fixed an issue where Request Access to Passwords feature where a new password may have been automatically generated when the user's time-based access was removed
• Fixed an issue where a user may not have been given access to a full Folder structure when being granted access to a Password List or Password record via the Windows Service
• Fixed a general error which could occur when searching for a credential, launching a remote session with that credential, then further searching for other password records
• Fixed and issue where using the Manual Launch button for an RDP session using a local Windows Account was not authenticating properly
• Fixed an issue where a Remote Session may not have been launcher from a password credential under the Passwords tab
• Fixed and issue with SAML authentication where navigating from the SAML provider to Passwordstate, after you've already authenticated once, was giving a 'not a HTTP POST' error message
• Fixed an issue in IE and Firefox where the popup screen for viewing the membership of a Security Group may not have shown the correct members
• Fixed an issue with the Browser Based Remote Session launcher where it could not copy files bigger than 2 gigabytes to an SSH session
• Could not edit a MySQL Discovery Job after it was added as it was showing an error about not being able to query operating systems
• Fixed an issue where upgrading to build 8488 would fail as it errors trying to update data in the EmailTemplates table
• Issue downloading files from SSH session with Browser Based Remote Session Launcher is now fixed
• Password Reset Portal now allows the apostrophe symbol in usernames

Passwordstate 8.6 - Build 8600 (4th February 2019) 

• Made Form-Filling improvements to Browser Extensions where fields names were explicitly specified in Passwordstate
• Remote sessions can now be launched from the Passwords tab without requiring access to the Hosts tab
• Added additional HMAC Hash validation to various functions within the APIs, and in the Administration area of the UI
• Made sure there could be no spaces in a Host name when adding or editing host records
• If launching a Remote Session from a password record, it will no longer navigate in the UI to the Hosts tab first
• Added an option to deploy the Remote Session Gateway separate to the main Passwordstate web site
• Added support for per Host session recording, instead of being user based
• If using the Have I Been Pwned password check, and 'Prevent Bad Passwords' on Password Lists is disabled, you will now get a warning if the password has previously been compromised
• When password records which are enabled for password resets are moved to the Recycle Bin, the option 'Enabled for Resets' will now be disabled
• Fixed an issue in Internet Explorer where it was possible to see a dialog asking you to close the tab when using the Browser Based Remote Session
• Added additional HTTP headers for improved security
• Add additional tools supporting Have I Been Pwned web site
• Added reports to check status of passwords on Have I Been Pwned web site
• SSH Browser Based Remote Session launcher now allows certain special characters when keyboard layout is not in US layout
• If System Settings options are configured to prevent exporting of Password List data, then this will be reflected on the screen Administration -> Password Lists as well
• Made some changes to the High Availability upgrade scripts to overcome any file locking issues when copying files
• Updated the PowerShell script using for stopping the Windows Services when upgrading the High Availability Instance to wait until the services stopped
• Updated the Browser Based Gateway to the latest build
• Updated the Browser Based Gateway for the Remote Session Locations module to the latest build
• If browsing to the site using a Permalink, the Password Lists/Folders/Hosts in the respective Navigation trees will be filtered and expanded so the appropriate node is visible

• The System Setting option to restrict access to newly created Shared Password Lists was being ignored on the new Add Password List Wizard
• Fixed issues with Duo Authentication for all modules if TLS 1.0 and TLS 1.1 were disabled on the web server
• Actions menu for downloading documents was disabled if the user only had View access
• It was possible that when using Firefox there was more than one Audit record added for a single Copy To Clipboard event
• Fixed an issue where custom dependency scripts would not execute unless a host records was associated with the dependency
• Fixed an issue where date filters in grid column headers were automatically clearing after selecting a date
• Fixed an issue where clicking on the option 'Automatically log out of the Browser Extension when you close the browser' in the Preferences screen would cause the setting to be hidden, and then error when saving the change

Passwordstate 8.5 - Build 8573 (9th January 2019)

• Redesigned the architecture of Chrome, Firefox, Edge and Safari browser extensions for improved form filling and login field detection
• Chrome, Firefox, Edge and Safari browser extensions updated to use jQuery 3.3.1
• Browser based remote sessions will now open within separate tabs in the browsers
• Update the Windows Credential Provider for the Password Reset Portal to resolve issues with domain name detection issues on login screens
• Made some changes to SAML authentication to better support SP initiated SSO providers
• Made changes to the execution of PowerShell scripts to prevent execution of PowerShell commands which were not included as part of the scripts
• When using an active/active High Availability configuration, the Passwordstate Windows Service will no longer poll back to the primary site to see if it is available
• Searching for Hosts under the Hosts tab will no longer close any open remote sessions
• The option to link the creation of a Password List to a Template is now disabled by default for new installs
• Renamed labels on Browser Form Fields tab on edit/add passwords screens
• Added a better descriptive error message when a password reset for an Active Directory account fails due to the account no longer existing in AD
• Provided a better descriptive message if a user tries to view the properties of a Password List when they do not have Administrator rights to it
• Browser extension will no longer form fill fields on websites if the ID values are recorded in password records
• Browser extensions will now only add an auditing record if they save or auto-fill credentials, not every time a website is accessed

• Fixed an issue where the Windows Integrated API (WinAPI) was not working when using the 'read only' High Availability instance of Passwordstate
• Browser Based Gateway Settings screen in the Administrator area was checking for the wrong Security Administrators role
• Users could clone a folder to the Passwords Home even if they had no permissions to create a folder in this location

Passwordstate 8.5 - Build 8556 (11th December 2018)

• SSH sessions with the Browser Based Remote Session Launcher now supports file transfers
• System Setting option to link to Password List Templates to newly created Password List now works with Add Password List Wizard
• Changed the report 'What has a user been doing lately' so that longer durations can be reported against
• Made changes to document viewing process and removed legacy javascript code

• Fixed an issue where an upgrade from a build prior to 7721 was failing with an error of Build_7721_CopyPassword()' failed with the following error
• Fixed an issue with the new Request Access to Passwords feature where a new password was automatically being generated when the user's time-based access was removed
• Fixed an issue where special characters in an Active Directory security Group name would cause a .NET Framework exception

Passwordstate 8.5 - Build 8549 (30th November 2018)

• Included robots.txt file for Password Reset Portal web site to prevent search engines from indexing the site
• Added support for Windows Server 2019
• Made some changes to Self Destruct Message feature to allow either sending or saving of messages - made the process more intuitive
• Fixed an issue with searching on the Request Access to Passwords screen when the Password List name had square brackets in its title
• Added the Tree Path details to the Excessive Activity Report
• One Time Passwords Authenticator no longer show the configure buttons on the Password Record if the user has View access
• Remote Session Connection auditing data will now show on the screen Administration -> Auditing for Private Password Lists a well

• Fixed an issue with SSH sessions with the Browser Based Remote Session Launcher for certain types of HP switches
• Fixed an error of "This account is not authorized" within the Local Windows Account Verification PowerShell script
• Removed visibility of certain debug information on the Error Console screen
• Fixed an issue where notifying users (Email) of changes to a password record was causing an exception
• External links on Hosts folders and the new Request Access to passwords screen was not launching the URL in a new tab

Passwordstate 8.5 - Build 8537 (14th November 2018) 

What's New Video  

• Improved the Request Access to Password feature, also allowed a requirement for multiple approvers
• Added options for the Self Destruct Message feature to save the message, but not email the recipient - and then the Self Destruct URL can be emailed outside of Passwordstate
• OTP accounts in Password Lists can now be copied and linked between different Password Lists which are enabled for OTP
• Made further HMAC Hashing improvements in the database
• Handshake approval feature has now been deprecated
• Added Logged Off Auditing events for the main Passwordstate application
• Changed the Issuer for Google Authenticator for the Password Reset Portal so it doesn't conflict with existing scanned QR Codes on your phone for the main Passwordstate web site
• Updated the Linux Password Reset script to capture successful reset messages for French operating systems
• Provided an option to disable email notifications per Password List
• Made some improvements for error reporting if user's sessions in IIS end prematurely, or if using multiple tabs when accessing Passwordstate
• Made various improvements to Linux Validation script

• Fixed a general error screen on the passive High Availability mode when trying to perform a remote session when session recording was enabled
• Fixed an issue with One Time Passwords generator where trying to add the QR code manually into the system would give an unexpected error
• Fixed an issue in the APIs to ensure the UserID field specified for any permissions is set to lowercase as required
• Fixed an issue with the copy to clipboard functionality where multiple Euro symbols where included in the value of the password
• Fixed an authentication issue with a combination of SAML and alternate Authentication options based on Allowed IP Ranges, when navigating to the site after first authenticating to the SAML provider
• Copy to Clipboard button for the Self Destruct Message URL was not including the ID field value
• Fixed a Generic Error on the Add Privileged Accounts screen when selecting an Account Type from the dropdown list using keyboard navigation

Passwordstate 8.5 - Build 8519 (24th October 2018) 

• Added PasswordListID and PasswordID values into various Permissions reports
• Removed the IP Address reporting in the Temporary Pin Code email for the Password Reset Portal, as it was reporting the IP Address of the Passwordstate web server
• Added an option for Passwordstate, Password Reset Portal, and Self Destruct Message sites to allow you to add your own custom css
• Added a new System Setting option to allow users with View access to passwords to use the 'Expire Now' menu
• If the Force the User of Selected Password Generator option was selected for a Password List, all new records being added will have a new password generated when opening the page
• Added an option where the UserID field on Active Directory Authentication screens can be set to read only
• Discovery Jobs will now maintain a history of changes, which can be viewed from within Passwordstate
• Using the Run Now menu for Discovery Jobs will no longer alter the existing schedule
• Made a change to mitigate against any conflicts where a password reset of a Privileged Account Credential was scheduled at the same time as other accounts, which are using the Privileged Account to perform the reset

• Fixed an issue where 'There was an issue validating both the AuthToken session variable and cookie' may have been recorded in the Error Console
• Fixed a 'Object reference not set to an instance of an object' error when trying to add password records via the API when the Password List was for a Remote Site Location
• Fixed an issue were Logos for the Self Destruct message web site may not scale correctly on mobile phones
• Fixed an issue were Logos for the Password Reset Portal may not scale correctly on mobile phones
• It was possible the Agent Health icon on the Remote Site Locations screen may not have reported the health of each agent correctly
• Fixed an issue where the embedded Self Destruct Message web site was not redirecting properly if specifying the ID manually
• Fixed an issue with Browser extensions were not logging some auditing data
• Fixed an issue where the password strength of a password wasn't being displayed the first time a password was created, when the 'Force the use of Password Generator' setting was enabled
• The duration taken to perform an AD Sync process was not being accurately reported in the Windows Application Event Log

Passwordstate 8.5 - Build 8501 (12th October 2018) 

• Changed the SAML Authentication so you are not forced to re-authenticate to the IdP every time you want to log into Passwordstate
• Browser based Remote Session Launcher now supports dragging and dropping files from your desktop to RDP sessions
• The Copy or Move Password to a different List feature will now highlight the source Password List by appending an asterisk to the end of the name

• The new SAML Audience Restriction field was being cleared once you went back into the System Settings screen
• The ExpirePeriod variable was not showing on the Self Destruct email message the recipient received
• Fixed an issue where it was possible under certain conditions to bypass the Verification process for the Password Reset Portal
• Fixed an issue when cancelling Host Record Permissions under Feature Access, was taking you to an incorrect tab
• Fixed an issue where you could not change the color of the Self Destruct Portal theme without logging in an out of Passwordstate first
• Expiry Date password searching via the APIs was reporting "It appears the ExpiryDateRange field you specified was not in the correct format"
• Fixed an issue where SSH Session Recordings in Build 8491 was not working

Passwordstate 8.4 - Build 8491 (5th October 2018)

• The Self Destruct Message feature can now allow users to manually enter the MessageID on the initial screen when viewing a message, instead of sending them URL links in emails

• Fixed an issue where the Save button was not working in Firefox on the Add/Edit Password screens
• Could not send Self Destruct Messages to external recipients if the recipient was not recorded in the new Address Book

Passwordstate 8.4 - Build 8488 (3rd October 2018) 

• Added conditional permission check on destination Password Lists for the copy/move password record feature
• New Self Destruct Message site with separate install, branding, passphrase protection and address book for contacts

• Made various improvements to SAML Authentication process
• SAML Authentication can now be based on either the UserID, EmailAddress or UserPrincipleName fields in the database
• Added an option for the Password Reset Portal where users can be redirected back to a specific URL when they click on any 'Exit' buttons
• Mobile Client web site will no longer differentiate between incorrect Username or Password - it will provide a generic "Incorrect Login Details" if authentication fails
• Made some improvements to ASP.NET Session management
• Added an option where Forms Based and Local Login accounts now have to adhere to a Password Strength Policy when resetting the passwords for user's login accounts
• Changed the Active Directory account validation, just prior to a reset, to use the same PowerShell script as the Heartbeat functionality uses
• Added an option to purge all records in the Password Reset Queue
• Added detailed debugging option for processing or records in the Password Reset Queue
• Certain 'Local' Account Types will no longer show as Remote Session Credentials of not appropriate
• When using the Bulk Delete Hosts feature, you will now be notified if some hosts could not be deleted as the records are still in use
• When cloning users' permissions, you now have the option to not remove the destination users' permissions first
• Added an option where you can specify which users are allowed to manage permissions on Remote Session Credentials via the View Permissions menu
• Made some improvements to the Linux Validation Script to better detect incorrect account passwords
• Made some changes to the High Availability Node poll process to try and resolve polling issues reported by customers
• Password List Grids now have filters available for Account Type
• HTML tab on each of the Rich Editor screens has now been removed
• Syslog data will now be UTF8 encoded
• Updated all pages to use the latest version of jQuery
• The Tag field for Host records is also now searchable in the Hosts navigation tab
• With the Add Password List Wizard, the Finish button is now disabled after you first click it - to prevent multiple clicking
• Updated to the latest version of Telerik ASP.Net Controls
• When Password Expiring Emails are sent to users for the Password Reset Portal, an audit record of category 'Email Sent' is now added with details of the reminder

• Fixed a bug where the Recycle Bin for a Password List may not have been able to be viewed if the grid for the Password List had been customized
• Standard failed Active Directory login attempts were adding records into the Error Console screen when it should not have been
• AD Synchronization debug information was showing on the error console screen when it shouldn't have been
• Fixed an exception on the Edit Password screen if you try and save an Active Directory record without selecting a domain

Passwordstate 8.4 - Build 8459 (3rd September 2018) 

• Remote Session Connection auditing data will now show in the Recent Activity Grid, and also the Auditing screen for general users
• Added additional fields into the Recent Activity grid beneath each Password List

• Fixed an issues where the SearchPasswords API Call was causing an exception, if there was no System Wide API Key creating in the Administration area
• Fixed an issue where data could not be inserted into the new AuditingArchive table

Passwordstate 8.4 - Build 8455 (31st August 2018)

• Permalinks for selecting the Folder or Password List in the Navigation Tree will now select the appropriate nodes when the Load On Demand feature is being used

• Fixed an issue where it was possible the AD Sync process for security groups would error when adding new user accounts and the option was set to also create a Password List for the user
• Newly discovered Host records may not have been automatically added into a folder, if the Host Type of 'All Host Types' was selected
• Fixed an issue where Permalink redirection was not working when only Windows authentication was enabled in IIS
• Fixed an exception when searching for Host records via the API when the DatabaseServerType field was NULL in the database
• Allowed images of type jpeg for branding of Background image - only jpg was previously accepted

Passwordstate 8.4 - Build 8449 (24th August 2018) 

What's New Video  

• Updated the APIs so you can manage permissions on Folders, Password Lists and Password records
• Windows API now supports password records where individual permissions are applied to the record
• The new 'Reason' and 'HashType' parameters for API Calls can also be configured at the Password List level to be mandatory
• Password retrieved from the API can now be returned as a Hash instead of the actual password value
• When adding new Password Lists via the API, you can also apply permissions based on Security Group Name
• When updating passwords via the API, you can now choose to exclude having the value of the password returned for the updated password object, or an auditing record will be added if the password is returned and visible
• Added logging for high level API exceptions to the Error Console screen in Passwordstate, if API calls with invalid syntax are made
• Added the ability to specify a 'Reason' as to why API Calls are being made, and this reason will be added to auditing data
• Added an option to further restrict which users are allowed to modify settings on the 'API Key & Settings' tab for Password List settings
• Optimized memory usage within the Passwordstate Windows Service
• Added an option where you can specify a background image for the authentication screens
• You can now specify your own Syslog date formatting for sending auditing data to Syslog servers
• Added a new System Setting option to delay failed login messages from Active Directory, to obfuscate if the issue was either a incorrect Username or Password
• Password Expiry Reminder email for the Password Reset Portal also now includes the user's domain account name in the email
• If a password record has the option set to prevent exporting the password, then the record will also now be excluded from the Password History report
• Added timings into reporting from the Passwordstate Windows Service for the Active Directory user and security group synchronization process
• Added any exceptions from the Passwordstate Windows Service into the Error Console screen in Passwordstate
• You can now manually specify One-Time Password settings instead of just scanning QR Codes
• Failed SAML authentication attempts will now report the email address being used in Auditing data
• Added additional debugging for any failed AD authentication login attempts
• Deprecated the feature where you can archive auditing data from the UI
• Introduced a new Auditing Archive table where auditing records can automatically be moved to the archive table to help with performance in the UI
• Provided an option where you can specify the URL the browser extension authenticates/operates against
• Send Self Destruct menu will now be disabled if the Hide Passwords setting on a Password List is applicable to your account
• The global search feature for the API can now use Password List API Keys, instead of just the System Wide API Key - only data from the relevant Password List will be returned when doing this
• Provided additional logging if a custom PowerShell script for account dependencies where to fail for whatever reason

• Fixed an error with synchronizing AD Security Groups for the Password Reset Portal where the maxPwdAgeInDays attribute in AD was set to 0
• Fixed an issue in the Password Reset Portal where a hardware token assigned to a user's account in Duo was not showing in the list of devices
• Auditing records where being added when exporting passwords when the password was configured not to the exported
• Fixed an issue where the alternative authentication option for Allowed IP Ranges was not working when Forms Based and SAML Authentication was being used as the System Wide authentication option.
• Fixed an issue with the Password Reset Portal sending out an incorrect enrolment email, if two or more policies were assigned to a user.
• Fixed and error on the add Active Directory Security Group screen where it could have been LDAPS instead of LDAP, or vice versa - depending on whether multiple domains were being used
• Some HTML manuals under the Help menu were not displaying on various Linux based operating systems
• It was possible the Custom Auditing scheduled report was reporting data on Password Lists the user no longer has access to
• The 'Search for Password Lists' API method was not adding an audit record for found Password Lists
• Fixed an issue where the password requirement indicators were not showing on the password reset screen for the Password Reset Portal
• Fixed an issue with reordering password dependencies
• Fixed an issue where it was not possible to update the Email Templates for the Questions and Answers Reset Portal verification policy

Passwordstate 8.4 - Build 8411 (12th July 2018) 

What's New Video  

• Added a new 'Add Password List Wizard' feature for simplifying the process of adding new Password Lists
• Added a new 'One-Time Password Authenticator' feature which can be enabled per Password List

• Added some checks to ensure backups could not be stored within the Passwordstate folder
• Added a reminder popup to save Password Lists or System Settings after generating new or updating API Keys
• Added multiple new Inbuilt Password List Templates which can now be used
• Password Lists can now have their columns hidden globally to all users via Password List settings
• The Description field is now displayed next to the Password List name on the standard Password List page
• Made improvements to the local Windows account password reset to better support non-domain joined machines
• The Windows Credential Provider for the Password Reset Portal has now been updated so that Internet Explorer opens in Kiosk mode

• Fixed an issue where you could not login using the Emergency Access account if the Remote Site Locations module had expired
• Fixed and issue in the SonicWall reset script where an incorrect variable name was being used to pass the value of the current password
• Fixed an issue introduced in Build 8388 where the 'Save and Add Another' button was causing certain fields/controls on the screen to be non-responsive after clicking on it
• Fixed an issue where reports may not have been emailed if the user did not have a Security Administrator role
• TOTP Secret was not being added to QRCode when users viewed settings on their Preferences screen

Passwordstate 8.3 - Build 8397 (21st June 2018)

• On the Brute Force CAPTCHA page, the enter key submission is now disabled and a 15 second pause will occur if the CAPTCHA validation fails

• Fixed an issue where the Password Reset Portal would error with Build Mismatch after upgrading to Build 8388
• Fixed an issue introduced in build 8388 where an upgrade from version 7 would error on the database upgrade screen
• Fixed an issue where after being presenting with the Brute Force CAPTCHA login page, it was possible to browse back to the main URL of Passwordstate and start an additional authentication attempt
• External Link description field for Folders had a hyperlink on the field when it shouldn't have
• Fixed an issue where the Mobile Client web site may not have sent certain emails as expected
• Fixed an issue with the SQL heartbeat feature where it would error if the password contained a semi colon character
• Various security improvements

Passwordstate 8.3 - Build 8388 (19th June 2018) 

• Added support for the 'Have I Been Pwned' API for the Add and Edit Password screens
• Added support for the 'Have I Been Pwned' API for the Password Reset Portal
• Updated Passwordstate and the mobile client to support authentication using the Active Directory UserPrincipalName attribute
• Updated Passwordstate Reset Portal to support authentication using the Active Directory UserPrincipalName attribute
• A custom Windows Credential Provider is now available for the Password Reset Portal, allowing users to access the Portal directly from a link on the Windows Login screens
• Added a new feature where you can upgrade High Availability instances of Passwordstate, directly from within UI of the Primary server
• You can now have duplicate Security Administrator records assigned to your account, via user account and or security groups, and the roles will be combined
• You can now hide Security Administrator menus, instead of disabling them, if the user has not been given access to the required role(s)
• On the Bulk Password Reset screen within the Administration -> Password Lists, you can now also see records which are not enabled for resets
• When search for a host record on the Add/Edit password screen, you can now also search on the Title field for the host if it has a value
• Added debugging data for failed password validations for the Backup account, and Privileged Account Credentials
• The feature to delete a Folder and all nested Password Lists and Folders has been improved to avoid issues with slow performing database servers
• After upgrades, any existing Notifications regarding new builds will be automatically deleted
• If you have not been given access to create Folder and Password Lists in Password Home, you now also cannot drag and drop these into Passwords Home
• Redesigned the password screen for the mobile client so more data can be seen for each field
• "What passwords can a user see" report has now been modified to show each individual password records, instead of access to a Password List

• Security Administrator's Report was missing a couple of newly added roles
• The scheduled backup zip file could not be opened with the build in compression tools in Windows Explorer - other zip programs were not affected
• Fixed an issue where editing a newly added Host record would show an error, when the Host was created using the 'Save & Add Another' button
• Fixed and issue on the Bulk Password Reset screen in the Administration area where a search filter may have been cleared if using paging buttons for the grid
• Security Administrator role for Remote Session Management was not renamed from Remote Session Credentials
• Fixed an issue where the Check-In Tooltip for a Password record was not changing if the schedule was changed when the record was checked out
• Fixed an issue with the Host Discovery job where it was possible to receive the error 'No value given for one or more required parameters'
• Fixed an issue where manually adding host records to a Host Folder could have added the wrong hosts if using paging in the Hosts grid
• Fixed an issue in the mobile client where it was possible you could not login after an automatic logout without first restarting your browser
• Upgraded to the latest build of the Keno UI files for the mobile client to fix an issue where you could not scroll/swipe left and right within a fields value
• On the Password Folders screen within the Administration area, it was not possible to view permissions on a Folder unless your account already had permissions to it

Passwordstate 8.3 - Build 8361 (23rd May 2018) 

• Added support for SonicWALL firewalls for Account Discovery, Password Resets and Account Heartbeats
• Added support for Fortigate firewalls for Account Discovery, Password Resets and Account Heartbeats

• Made changes to email templates on the System Settings screen for Password Reset Portal, so you can specify HTML in the email templates if required
• Firefox browser extension has been updated to use jQuery 3.3.1
• Added a loading animation indicator for Reports from within the Administration area
• Remote Session Credentials can now also be used to match the 'Title' field for Host records
• Added better error capturing for unhandled exceptions
• If only one mobile and one or more hardware tokens was assigned to a user in the Duo portal, Passwordstate will no longer show the mobile device option on the screen for selection
• It is now possible to see the terminal history in SSH sessions with the browser based Remote Session Launcher by using the right-click button on the mouse
• Updated MySQL Account Discovery script to ensure duplicate accounts were not discovered
• Made changes to all database PowerShell scripts to better support the use of special characters within password fields
• MySQL Password Reset script has been updated so a Privileged Account Credential does not need to be used to reset the password for an account

• Fixed an inconsistent error when resetting Windows Services where it was possible the following error was returned - System.Management.ManagementBaseObject.ReturnValue
• Fixed an issue where newly added non database related Host records may have been automatically adding into incorrect folders based on specified filtering options
• Custom port numbers for MySQL were being ignored in Reset and Validation scripts
• Fixed an error when trying to remove View permissions from individual records when using the Bulk Permission features

Passwordstate 8.3 - Build 8345 (29th April 2018)

• Double clicking on a tab for the browser based remote session launcher will now make the session almost full screen in the browser
• If a Host field has a Title specified for it to show in the Navigation Tree, then this Title will also show in tabs for the browser based remote session launcher
• When leaving the Gateway URL field blank for a Remote Site Location, it will instead use the local gateway for any Host records from a remote site

• Fixed an issue when saving and linking a Template to a newly created Password List via a User Account Policy, when the user did not have permissions to the Template
• Fixed an issue with the browser based remote session launcher where logging out of a session would close all open tabs for the same host - if multiple tabs were open
• Fixed an issue where the backup taken prior to an In-Place Upgrade could not complete the backup successfully as the file gateway.log.0 as locked
• Fixed an issue with Azure AD and SAML authentication where the time format on the SAML request may not have been specified in the correct format, depending on OS settings
• When a User Account Policy is copying settings from a Password List Template, the custom image selected for the List is not maintained after saving the Password List
• Unlinking a Password List Templates was causing other Password Lists to be unlinked, when it shouldn't have been
• Fixed an issue where the instructions for upgrading without Internet connectivity was still trying to query the upgrade xml file on the Click Studios web site
• Issues with date search criteria on Bulk Update Passwords now fixed

Passwordstate 8.3 - Build 8334 (18th April 2018) 

• The browser based Remote Session Launcher Gateway is now deployed with the Remote Site Location agents, allowing remote access to devices over fire-walled environments
• Added a new Windows service to the Remote Site Locations agent, so the agent can automatically upgrade itself

• On the Remote Session Recordings screen, the domain or host prefix will now be displayed in the Authenticating Account column
• Passwordstate Windows Service, and Agent Service, are now digitally signed
• It is now possible to open multiple tabs to the same host for the browser based Remote Session Launcher

• Fixed a bug where it was not possibly to apply 'All Users and Security Group' permissions to a Privileged Account Credential
• Fixed an issue where newly added Host records may have been automatically added to a Host folder when it shouldn't have been - when filtering on a database server type
• Fixed an issue where determining the name of the next recorded session file name for the Remote Session Launcher could have caused a JavaScript error during a manual launch
• Fixed a Javascript error which was causing issues closing popup screens on the Host screen when adding documents or external links

Passwordstate 8.3 - Build 8325 (6th April 2018) 

• Added a new Questions and Answers verification policy to the Password Reset Portal
• Added Password Policies to the Password Reset Portal to provide on screen instructions for the expected strength of the password to be used
• Added Bad Passwords to the Password Reset Portal to prevent usage of certain passwords
• Passwordstate Browser Extension now available for Safari

• Removed the password field from the 'Request Access' pages
• Remote Site Location Agent will now report back what Host Name the agent is installed on
• Emergency Access login password can now be longer than 100 characters
• Made changes to the Cisco Password Reset Script so it waits for expected responses before executing proceeding commands
• Added an option where you can specify which users are allowed to use the Manual Launch buttons for the Remote Session Launcher(s)
• Managed Service Accounts, and Group Managed Service Accounts, can now be added in as a User Account in Passwordstate so they can be used with the Windows Integrated API
• Made some changes to the Windows Service reset script so it would not error if the Windows Service is currently disabled
• The read only High Availability instance can now be accessed if the primary site is enabled for maintenance mode
• Added an option to alert the user that remote sessions are being recorded when using the Browser based version of the Remote Session Launcher
• Session Recordings for the Browser based Remote Session Launcher will now be automatically closed (ended) if the user navigates away from the active session to another page in Passwordstate
• You can now display launch buttons for both Remote Session Launchers on the screen if needed
• You can now also specify which users are allowed to use the Client based version of the Remote Session Launcher
• If a user does not have access to a Folder or Password List when using the 'Toggle all Visibility' menu option, all context menus on these Folders and Password Lists will now be disabled
• Renamed the IIS and COM+ reset scripts for consistency with the word Windows in the title
• Updated to the latest build of PuTTY for the Client based version of Remote Session Launcher
• Pasting of clipboard contents now works for SSH session with the Web based Remote Session Launcher
• Email Templates now have no limits on the amount of characters you can insert into them
• Updated HTML version of the manuals so you can navigate directly to certain pages if bookmarked
• Added TCP support for sending Password Reset Portal Auditing data to Syslog servers
• Host Discovery Job will not longer discover disabled computer accounts
• Made improvements to the Cisco Discovery script to ensure it find all accounts on all iOS versions
• Updated HTML version of the manuals so they are compatible with different operating systems
• User's email addresses for the Password Reset Portal can now be edited by Security Administrators
• Verification Policies in the Password Reset Portal can now be applied more than once for a user, but with precedence
• Added logo branding to the Password Reset Portal
• Fixed an issue with the Internet Explorer browser extension where is would cause errors on some pages which were running in 'Compatibility Mode'

• Fixed an issue where the Allowed IP Ranges could produce an error for the Remote Site Locations agent, causing it to now communicate back to the API
• Newly discovered accounts had the Heartbeat option enabled even though it was disabled on the Discovery Job
• Fixed a bug in the Windows Integrated API where it could have reported a 'Object reference not set to an instance of an object' error for all calls
• Fixed an issue where there appeared to be a space at the end of the Self Destruct Message when using the feature from the Tools menu
• Fixed an issue where Session Recording may have caused the Manual Launch buttons for the Remote Session Launcher to fail
• Fixed an issue where the JSON string returned from an invalid API call was malformed - it was missing a double quote at the end of the error message
• Fixed an issue where the Browser Based Remote Session Launcher could not connect to pfSense Firewalls via SSH
• Fixed an issue where the Pin Number Verification Policy for the Password Reset Portal was accepting any pin number
• Fixed an issue with the Password Reset Portal where certain special characters were causing issues with enrolling and resetting user's accounts
• It was possible you could not delete a security group if it was assigned to a Verification Policy for the Password Reset Portal
• It was possible to create an API Key for a Folder, when the user had their permissions removed from this feature

Passwordstate 8.2 - Build 8284 (16th March 2018)

• Local Account Discovery jobs now allow you to select which Password Reset Script is assigned to newly discovered accounts
• Reset Scheduled Task Password script has been renamed to Reset Windows Scheduled Task Password
• Add Dependency screen will now select the appropriate Reset Script automatically when you select the Dependency Type
• Improved error reporting when for the Browser based Remote Session Launcher, when Remote Desktop is disabled on the client host

• Fixed an issue in IE with the new Browser based Remote Session Launcher where a JavaScript error was preventing the Hosts screen from displaying
• Fixed an issue where you could not drag and drop nodes in the Passwords tab between other nodes - only on top of them
• Fixed an issue where the Add Password screen was still asking for a Host to be specified when it's no longer mandatory
• Fixed an issue with the API with Allowed IP Ranges where it was possible the client IP address was being reported incorrectly
• Install and Configure Browser extension button is now visible when a user does not have access to the Browser Based Remote Session Launcher

Passwordstate 8.2 - Build 8275 (14th March 2018) 

• New browser based Remote Session Launcher with Session Recording is now available

• Made significant performance improvements to the Recent Passwords grid on Passwords Home
• Remote Sessions to Hosts can now be initiated directly from the Passwords tab - for Local Accounts you have access to
• Provided an option where it as possible to search and display Hosts in the Host Navigation Tree, if you do not specifically have access to them within a Hosts Folder
• Made additional changes to web.config file to allow caching of static content
• The IBM IMM password reset script has now been updated to allow the use of a Privileged Account credential, and better error capturing
• Added better error capturing to the password reset script for local Windows accounts
• Added Domain or Host field to Enumerated Permissions and Password Strength Reports
• Added TLS 1.2 support in the Remote Session Launcher Powershell script for servers which have been hardened
• Failed Password Reset and Heartbeat reports now only report on records where these options are enabled
• Made some changes to the date check on the Password Reset Portal, to overcome an issue if there were date format differences between the SQL database and the portal Operating System

• Fixed an issue where an old SQLLite dll was included in the latest build of the Remote Site Location agent
• Fixed an issue here removing a Host record from a Folder under the Hosts tab would remove it from any Folders it was displayed in
• If monitoring more than one Event Log for lockouts for the Password Reset Portal, it would error in the UI when checking the event log for a specific user account
• The Host Discovery job could have found Hosts in AD if the OperatingSystem Attribute was blank - when OU recursing was used
• Fixed a bug with the Auditing timestamp from the Passive Node of the High Availability instance - time was being offset from UTC
• Fixed an issue where the installer of the Password Reset Portal would fail with a basic error on the screen
• PIN with Mobile client wasn't working as expected when running the Forms based version of Passwordstate
• Bulk Permissions was not working when revoking access for View Permissions

Passwordstate 8.2 - Build 8256 (19th February 2018) 

• It is now possible to use LDAPS when communicating to Active Directory
• You can now specify the IP Addresses of trusted devices where you want the X-Forwarded-For header attribute added to HTTP requests - for Proxy Server and Load Balancers
• Made some changes to the HP Procurve Reset script to perform an account heartbeat immediately after a reset, as Procurves do not report a successful reset
• The Domain or Host field in Password Lists which are enabled for resets is no longer a mandatory field
• It is now possible to perform Account Heartbeats on the Add/Edit Password screen for all appropriate account types
• Added TCP support for sending auditing records to Syslog servers
• Added a new System Setting option to choose the default checked status of the Enabled for Resets and Heartbeats checkboxes on the Add Passwords screen
• Further protected certain pages from being accessed by typing URLs directly into your browser
• Install and Upgrade log files are now deleted upon successful completion of each task
• Check for New Builds button is now available on all upgrade pages

• Issue with DUO SMS option when having multiple devices is now fixed. Instead of SMS being sent, DUO authentication was using a phone call instead
• If Active Directory returns an error during the AD Security Group Sync process, members from the security group(s) will no longer be removed from Passwordstate
• Fixed an error when accessing the Emergency Access Login after accessing the standard AD login page, when the user's AD account did not exist in Passwordstate
• Fixed issue with linked templates where saving a new linked Password List could not work when clearing search filters

Passwordstate 8.2 - Build 8242 (5th February 2018) 

• Added a new Restricted Features feature in the Administration area where certain settings can only be enabled/disabled by contacting Click Studios for assistance
• The Active Directory sync process now updates the email address for a user's account if any differences are found
• Updated the Chilkat SSH Library to the latest build
• Updated the HP Procurve Reset Script so that a Privileged Account Credential is not required to perform resets
• Updated the iDrac Password Validation Script to use the Chilkat SSL library
• Added a 'Add Host' button to the Hosts Home default page
• Removed writing errors into the Event Log if a general error occurred in Passwordstate
• Made some changes when Impersonating a user's account to disable certain elements within the Hosts tab
• Updated the Juniper password reset script for improved error checking, and support of resets without the use of a Privileged Account Credential - for the root account
• Fixed an error page on a Password List that had AD Authentication enabled - If a user does not enter in the domain it now displays more relevant information
• Relaxed HMAC Hashing on Password List settings to allow bulk updates on certain settings if required

• If accessing the Account Discovery menu while the focus was on the Administrator tab, then the Account Discovery Screen would not show
• Fixed an issue where the LDAP filter on User Accounts and Security Groups screens where not working
• Fixed an Sever 500 error after upgrading from a build prior to 7580, due to the 'customErrors' setting in the web.config file being duplicated
• Fixed an issue when clicking on the 'View Members' of Security Group icon when there is no Security Group selected
• Fixed an issue where Regex pattern matching for Bad Passwords was not working via the API
• The System Setting to limit which users you can see when applying permissions to password records was not working on the Bulk Permissions for Individual Records screen

Passwordstate 8.2 - Build 8225 (22nd January 2018)

• Updated the DELL iDrac password reset script for better error capturing of failed resets
• Added further error checking and redirecting to a custom error page
• Linux validation scripts changed to remove validations commands from shell history
• Users with Modify Access to Password Lists now have the ability to view and restore passwords from the Recycle Bin. Users with View access can now view the Recycle Bin

• It was possible the Custom Auditing scheduled report was not returning any results when it was meant to
• Fixed an issue of an upgrade when SAML authentication was being used because of new fields in the database
• Performing a Manual backup was still trying to backup SQL Server even though the option to exclude SQL was selected
• Images that were uploaded with an uppercase extension were not showing on the Add/Edit Password List and Templates screens
• Fix an issue with Linux privileged accounts containing the backslash character not being able to perform password resets
• The Timer in the Handshake Approvals was not working as expected

Passwordstate 8.2 - Build 8215 (4th January 2018) 

• User Account Policies can now be ordered so that you can specify precedence over conflicting policy settings for users
• Added a new System Setting option to hide the 'Password Last Updated' column for all Password Lists
• Added a new System Setting option to only show Password List Administrators for the Handshake Approvers
• Added a new feature where you can clone permissions for user's accounts in bulk
• Made changes to Oracle Powershell scripts to prevent pooling of database connections
• Made some compatibility changes to the Edge Extension for the Fall Creators Update, and minor changes to the Chrome extension

• Fixed an error deleting a Password List if there was a Custom Auditing Report existing for it
• Fixed an exception where cloning User Permissions for the RemoteSessionCredentials table would cause a failure
• Fixed a bug on the Edit Report screen if it was for an Expiring Password or Custom Auditing Report for a Password List that had been deleted
• A couple of menu items under List Administrator Actions was enabled when using the passive version of the High Availability instance

Passwordstate 8.2 - Build 8205 (15th December 2017)

• Fixed a bug when searching for Password Lists and Folders in the Navigation Tree - an exception was thrown

Passwordstate 8.2 - Build 8204 (11th December 2017) 

• Added support to the Remote Session Launcher for SQL Server Management Studio
• Added an option on Discovery Jobs to report on all discovery activities, not just new accounts found
• The account used on the backups and settings screen can now be linked to a password record
• Made changes to prevent the use of multiple tabs open in your browser pointing to your Passwordstate environment - security enhancement
• When the 'Check In Automatically' setting for password records is set to 00:00, then no automatic check-in will occur - this disables it
• Edit Properties and View Permissions right-click menus on Password Lists in the Navigation Tree, are now disabled if an Additional Authentication option is applied to the List
• Added a System Setting option to set the RADIUS username field on authentication screens to be read only
• Made changes to the Handshake Approval process so the same approver cannot be selected twice
• Added time based access to Remote Session Credentials
• Added Time Based access to Privileged Account Credentials
• Made changes to Remote Session Credentials so users without access to the linked Password record could not make any changes to the record
• Added new auditing records for Remote Session Credentials
• Add a new System Setting option to specify which Password Generator is used in the search toolbar at the top right-hand side of the screen
• All Remote Session Credentials are now accessible from the Administration area
• Added the Spell Out icon back to the Password Generator in the top toolbar
• Add a new System Setting option to only show Templates on Add/Edit Password List screens if the user has been given permission to the templates
• Added new System Setting options to restrict creation of Folders and Password Lists beneath parent folders, depending on your permissions to the parent folder

• If you navigated to a second page in the Remote Session Credentials grid and then editing a record, it would display the wrong record
• Fixed an issue with both APIs where you would get an error saying the PasswordListID was not found in the database when adding password records, if you first created the Password List via the API without copying any settings
• Database Port label on Host remote session screen was showing the Remote Session port number
• Cloning of Security Group permissions was not cloning for 3 tables
• Clicking on the Tools icon was taking you to the Account Discovery screen, even though you had not been given access to this menu
• Under certain conditions, a System Setting may have caused additional user permissions being applied to the creation of a new Private Password List
• Fixed an issue accessing Password List Templates screen in the Administration area - incorrect role was being checked

Passwordstate 8.1 - Build 8180 (21st November 2017) 

• You can now associate a Cisco Enable password with a Privileged Account Credential, and Discovery and Reset scripts have now been updated to support its use
• Windows Integrated API now supports checking in/out password records which are configured for exclusive access
• All scheduled reports are now visible under Administration -> Reporting
• Made a change in SAML Authentication to support Duo Access Gateway
• Changed the System Setting for Toggling Visibility of Web API IDs so that either all users have access, or only users who have Modify or Admin access to the Password List
• Made changes to the Check Out screen for password records to prevent two users checking out the record at the same time
• Last selected node in the Navigation Trees will now scroll into view if there are more nodes visible off the screen - includes permalink navigation as well

• Fixed an issue where a Privileged Account Credential may not have shown on a Discovery Job, if the Description field for the record was the same as another Privileged Account
• Fixed a potential DBNULL bug with the Active Directory user account synchronization process
• Fixed an issue with the Password Generator where disabled Word Phrases settings may still have inserted a dash into the generated password
• Fixed an issue where the Update Password method in the API may not have included complete auditing details for the record being updated
• Fixed an error when editing an Expiring Passwords Report when you had the 'Reporting' Security Administrator's role
• Fixed an issue where reports from the UI or Windows Service could not be run if the System Setting 'Allow users to make calls to the Anonymous API' was set to No
• Fixed a database integrity error message when adding users into a Security Group at the same time as adding the user's account into Passwordstate
• Changing any settings for a Scheduled Report will not affect the execution time for One-Time Schedules

Passwordstate 8.1 - Build 8165 (10th November 2017) 

• SAML Authentication now works with Azure Active Directory
• Made significant performance improvements to the report "Show which Passwords a User has Access to"
• Have introduced a new Title field for Host records, and if specified, the Title will now show in the Hosts Navigation Tree instead of the Host Name
• Added Permalinks for Hosts and Host Folder records
• Software field for Host records has now been renamed to Notes, and will display a tooltip icon on the various Hosts screens
• When adding a Privileged Account Credential, the user is now automatically give permissions to it
• Made a change to the Password Reset Portal to try and overcome the error of "The server does not support the control. The control is critical" when the user resets their AD account password
• Permalink on Password Folders can now be modified so it does not have to be the ID of the Folder
• There is now a System Setting option to choose which email address Self Destruct Messages are sent on behalf of
• Made changes to the Host matching feature on Host folders so you did not need to specify Host Types or Operating Systems

• Fixed an issue where the Remote Site Launcher utility would not work on Operating Systems that were not configured for the English Language
• Fixed and issue where auditing data may have been incomplete with one of the Manual Launch options
• Fixed an issue where the System Setting option to create a new Private Password List for new User Accounts, was not selecting the URL field for the list by default
• Fixed an issue where the URL field may have been showing on Add/Edit Password screens even though the fields was not selected for the Password List
• When using SAML with the mobile client, clicking to view password records would result in only the loading animation showing

Passwordstate 8.1 - Build 8150 (1st November 2017)

• Changed the requirement for Privileged Account Credential passwords to be mandatory, as in some circumstances for Linux accounts it's not required

• Fixed a UI positioning issue with the top Global Search toolbar when logged in with the Emergency Access login account
• Fixed an issue where the Windows Integrated API may have been able to return password records for a Password List the user only had Guest access to
• Fixed an issue with SAML Authentication and the Mobile client where the screen was blank after authentication - only affected the embedded install of the mobile client

Passwordstate 8.1 - Build 8146 (30th October 2017)

• Updated the Hosts field on various password screens so you can differentiate between different SQL Server Hosts that have the same name, but different instances
• Updated the Remote Session Launcher utility so it does not require the .NET Framework 2.0 to be installed
• Made some changes to allow caching of static files, but not dynamically generated ASPX pages

• Fixed some UI positioning issues on OSX for the Global Search and Password Generator elements
• Fixed an issue where under certain circumstances having multiple tabs open in your browser could have provided access to credentials your account had not been given specific access to
• Fixed an issue where a Dependency Discovery Job was reporting 'Unknown Account Types' when domain accounts from a different domain where discovered compared the the domain selected on the discovery job
• Fixed an issue where testing of PowerShell scripts through the UI would fail if any password fields had a single quote in the password value
• Fixed an issue where it was possible to import a 'Contact' from AD into Passwordstate when adding user accounts manually
• Fixed a bug when searching to add domain accounts to the Password Reset Portal when a 'Contact' was found in the search results
• Some API methods where not honouring any Allowed IP Address restrictions

Passwordstate 8.1 - Build 8136 (19th October 2017)

• Edge browser extension now released

• Made a change to the Scheduled Task Password Reset Script to help with a Microsoft bug with Tasks created on Windows Server 2008 and Windows 7
• Devolutions Remote Desktop Manager now integrates with our Windows Authenticated API
• Added support for API Keys in the Header request when using Devolutions Remote Desktop Manager integration
• Made changes to the Copy To Clipboard feature in the Passwords grid to support Unicode characters in the password
• Made changes to exporting Auditing data so only the contents of the displayed grid where exported
• When exporting passwords for the Bulk Update feature, we have removed some additional columns which where not required in the export
• You can no longer delete an Active Directory domain if it is the only domain in the system
• Added a link in the 'Access Request' email which is sent so the user can navigate to the Pending Access Requests page
• Added some better error reporting if TLS 1.2 was disabled on the Passwordstate web server
• The Linux Password reset script has been improved to handle special characters in the passwords
• Added additional error reporting to the Windows Local Admin reset script when remoting into a Host using a Local Administrator's account, and not a domain account

• Fixed an issue with SSH for the Remote Session Launcher feature as the SendKeys Class in the .NET Framework did not support certain characters
• Fixed the following error when re-uploading a document - Operator '<>' is not defined for type 'DBNull' and string
• Fixed an error in the Passwords tab when viewing visibility of all Password Lists, while a specific System Setting sorting option was set
• Deleting an External Link from a Passwords Folder was not working
• Fixed a CSV Import issue when trying to import into a Password List which belongs to a Remote Site Location
• Fixed an issue with the SQL Server Password Reset Script where it would fail if the SQL Account had a dash character in the Username field
• Under certain conditions, clearing one notification in the Notification Centre could have cleared all for the specific type of notification
• Fixed an issue with Enabling Maintenance Mode when logged in as Emergency Access
• Fixed a positioning issue with the eraser icon for the Global Password Generator when using custom logos with greater than default height
• Fixed an issue where it was possible to select a Folder with the Copy/Move Password feature when using the Load On Demand feature

Passwordstate 8.1 - Build 8114 (27th September 2017) 

• Reintroduced the ability to search for passwords in a folder
• Re-introduced the random password generator near the global search textbox
• Added all Duo Authentication options to the Password Reset Portal's Verification Policies
• Made changes to SecurID authentication where the user can no longer change their SecurID User ID during the authentication process
• Pending Access Request Notifications will now automatically be added back if the user accidentally dismissed the notifications without processing them
• If the user's account in the Duo Portal is set to Bypass, it will allow them to authenticate to Passwordstate without performing the various 2 factor authentication methods
• Mac Discovery Jobs no longer assign the Privileged Account to any discovered accounts
• Added a report to show which password records are associated with a Host record, and provided the option to delete the Host record even if there are linked credentials
• Provided better error reporting for the Windows Integrated API when all users were denied access to use the API
• Made some changes to the API for charting in Passwordstate to assist with potential SQL deadlocks

• Fixed an issue where the Remote Site Location Agents may have intermittently reported a 'Padding is invalid’ error back to the Error Console
• Fixed some auditing inaccuracies for the mobile client during the authentication process
• Fixed an issues where Forms based authentication for the mobile client was no longer working
• Fixed an issue for Duo Authentication if a user had a Hardware Token assigned to their account in Duo - a 'key was not present' error was displayed during authentication
• Fixed a SAML Authentication issue when the user had special characters (Scandinavian) in their account details at the SAML providers end
• Fixed an issue where using the 'Active Directory Actions' features for an AD account would raise an exception when clicking the Save button
• When editing an Active Directory account which is configured for resets, if you deliberately remove the Domain field value you receive an error when saving the record

Passwordstate 8.0 - Build 8097 (15th September 2017)

• Added all Duo Authentication options to the Passwordstate UI and Mobile Client
• Firefox Browser Extension is now compatible with the 64 bit version of Firefox
• Firefox Extension now works with Multiprocessor support
• Made some changes to Dependency Discovery Job to overcome a changes in Server 2016 and Windows 10 where the domain portion of a Scheduled Task account was not available

• Fixed an issue where upgrading from version 7 to version 8 while SAML Authentication was enabled would result in an error preventing the database upgrade process executing
• When the HA module was being used in Passive Node configuration, an error about trying to update the database occurred when validating the Password Reset Portal license

Passwordstate 8.0 - Build 8091 (5th September 2017) 

• Auditing data for Private Password Lists will no longer be sent to syslog servers
• When accidentally adding text instead of an integer in the "Database Port" field on a host, it now displays a validation warning on the screen
• Updated favicon.ico file and made some changes to Passwordstate site icon when pinning on various devices
• Adding some additional debugging for Remote Session Launcher to help troubleshoot API Key Not Found error
• Username button in top header is now disabled if the user has the Preferences screen disabled/hidden for them
• Added an option to ignore or configure the Health Check Alert for database transaction log file size
• In-Place Upgrade feature will now work with SAML Authentication on the second part of the upgrade process
• Now added additional SAML 2 Authentication options for the High Availability site
• Added robots.txt file to prevent indexing by search engines

• Editing a Local Administrators Discovery Job was not showing any available Password Lists
• Fixed an issue where User Accounts where not being deleted as part of the AD Synchronization process, when the accounts no longer existed in Active Directory
• Wrong type of Virtual Machine type was being displayed on the Host screen
• Additional Parameters for RDP Sessions for Remote Site Launcher was not working
• Passive High Availability instance was not sending auditing or email data across to the primary site properly
• Fixed an issue where passwords resets on linux root accounts were no longer working if the Privileged Account Credential was selected for the Account Heartbeat feature
• Fixed an issue where a few calls to the API from the Passwordstate UI would fail when only TLS 1.2 protocol was enabled on the web server
• Global search for passwords was not working if a Password Folder was selected
• Remote Site Agent was adding a blank password record into a Password List when trying to discover Local Admin accounts on a Domain Controller
• Fixed an issue where it was possible that a Folder with a blank Folder Name could be created
• Could not copy or move any password records when Load On Demand feature was enabled as it was reporting to 'Select a Destination Password List'

Passwordstate 8.0 - Build 8071 (22nd August 2017)

• The Host Type and Validation Script ID was not being assigned to Discovery Jobs as part of the upgrade process from version 7
• When Adding/Editing a Host Discovery Job, it was possible Privileged Account Credentials were showing when you were not give explicit access to them
• Favicon.ico was not showing in browser tab for Mobile web site
• If two Remote Site Locations had the same Host Name for a host, then it was possible a Host discovery job would not discover the same host name - as it already existed in the database
• Corrected a SQL Server case sensitivity issue with file data_updates_build_8000.sql
• Made some changes to the edit screen for Local Admin Account Discovery Jobs, as it was possible a message about no Privileged Account Credentials being available was displayed, even though there was one available in the dropdown list

Passwordstate 8.0 - Build 8065 (15th August 2017)

• Made changes to the Password field on User Accounts screen in the Administration area, so the masked password is no longer shown in the textbox

• Clicking on the Preferences menu would result in an error when using the Forms-Based Authentication version of Passwordstate
• If specifying your own color branding on your Preferences screen, the hover colors for the Notifications, User and Logout buttons where not working as expected
• Fixed an issue where upgrading from a build prior to Build 7185 could have resulted in a 'The fractional part of the provided time value' error
• HTML version of the User Manual was not in the standard branded color/style format
• When upgrading to version 8, the database schema upgrade would fail at sp_rename() due to case sensitivity being set for SQL Server
• Fixed an issue with the Host Record Permissions weren't working as expected - it was allowing you to make changes to a Host record

Passwordstate 8.0 - Build 8058 (14th August 2017) 

• It was possible the Host Discovery Job was not recording the DNS name for discovered Hosts - this applied to both the Windows Service and Passwordstate Remote Site Locations Agent
• The Passwordstate URL is now automatically added to the global excluded URLs for the Browser Extension feature
• All newly created Private Passwords Lists will now have the URL field selected by default
• Added FIPS encryption support for the Remote Site Location Agent
• Add a new option for the Password Reset Portal where a domain dropdown list can be displayed on the portal screens
• Made changes to Passwordstate so all modules will work when only TLS 1.2 is enabled on the web server, and all other protocols disabled
• Fixed an issue with Forms based login accounts where adding a new Password List would error just after the user reset their password
• Load On Demand and other Navigation Tree settings are now available in User Account Policies
• The Remote Session Launcher installer has now been changed so that it works for any logged in user and not just for the person who installed it
• Added support for Windows Storage Server 2016 Standard host records
• Renamed the Administrator menu called Menu Access to Feature Access, and consolidating various feature permissions onto this screen
• Extended the HTTP Runtime execution timeout value to support long running processes like adding thousands of users into Passwordstate
• Made significant performance improvements to the Recent Passwords grid on Passwords Home if the user had thousands of relevant auditing records for their account
• Renamed License Keys for Password Reset Portal and Remote Site Locations

• It was possible that the last selected Host record was not being automatically selected when logging into Passwordstate
• It was possible to see API Key and Field values for non List Administrators when the System Setting option was set to only show this to List Administrators
• It was possible that when importing user's accounts from Active Directory, the Office or Department field may have duplicated a value onto different accounts
• Hosts and Dependencies discovery jobs was not showing relevant data if the Site Location was changed for a Job
• Under certain conditions, the Bulk Copy/Move feature for password records within the Administration area could have resulted in an exception
• When adding in a Security Group in the Password Reset Portal, the on screen notification would stay visible permanently until the screen was refreshed.
• Some of the menu paths in the Setup Wizard Complete screen for the Password Reset Portal where inaccurate

Passwordstate 8.0 - Build 8037 (10th July 2017) - Beta 2 

• Added a new 'Load On Demand' feature for Nodes in the Password List and Hosts Navigation Trees
• Added the Activity field to the Recent Activity Grid underneath the Passwords Grid
• Provided a System Setting for sorting options in the Passwords navigation tree
• Selecting a default Password List/Folder to return to in the Navigation Tree has now been deprecated
• Renamed 'Edit Password List Settings' to 'Edit Password List Properties'
• Added more context menu items to Password List navigation tree for viewing permissions and editing properties
• Added Content Delivery Network (CDN) support for downloads during In-Place Upgrades
• When adding/deleting Host records, we now automatically refresh the Hosts Navigation Tree upon saving
• Added extra Password Reset related fields to All Passwords Report if the Password List was enabled for resets
• Removed some longer durations from the report 'What has a user been doing lately'
• Upgraded to Telerik ASP.NET Build 2017.2.621 to resolve Cryptographic Weakness
• Adding extra debugging into the Passwordstate Windows Service if there is an error querying event log data for the Password Reset Portal module
• Made some changes in the Recent Activity Grid to better split long URLs to prevent horizontal scrollbars showing
• Fixed a few spelling mistakes on various screens
• Added Password Reset Portal installer and instructions within the Passwordstate folder

• Manual Heartbeats for Linux accounts were not working when no Privileged Account was selected
• The option to collapse all Password Lists and Folders in the navigation tree by default was not working
• An exception occurs when trying to import passwords in a Password List - due to the Heartbeat schedule changes for Remote Site Locations
• When the 'Actions' toolbar was set to display above the passwords grid, the Documents button was not disabled when the System Setting to prevent uploading of documents was enabled
• The Provide a Reason screen for password records was erroring if the password had certain special characters in it
• All Passwords Report was showing Unmanaged field for Host when it was not meant to
• Fixed an issue where the PasswordList field in 4 tables was not set to the size of 200 characters like it was meant to be for the PasswordList table
• Fixed an issue where editing a Host Discovery Job could have selected the wrong Active Directory Domain account
• The Hosts Discovery Job was adding in Hosts which had previously been added into Passwordstate manually
• Fixed an issue where certain special characters in the password for a Linux root account was causing Heartbeat validation to fail
• When a Hosts Folder has a filter on it to add Discovered Hosts into the folder, if more than one Operating System was selected the Hosts where not added in
• When editing a Hosts Folder, any selected Operating Systems for adding Hosts into the folder, was not being selected in the dropdown list
• Exporting all Passwords from the Admin area was resulting in an exception in Internet Explorer and Firefox
• The new option to Bulk Delete Password Records from a Password List was enabled when navigating from the Administration area
• The new Bulk Password Resets feature may have thrown an error if the user did not have access to any Password Lists
• Clicking on the Show Password Icon for Syslog Server password on System Settings screen was displaying the password from a different field
• During a new install of the Version 8 Beta 1, it was not creating a Reporting API Key automatically, causing the new Reporting section in Administration to fail
• Fixed some display UI issues on various screens
• During a new install of Version 8 Beta 1, all users were not given access to the Hosts section within the Hosts tab
• Modified the Telnet connection parameters for Remote Session Launcher as it was not populating the Username field for some customers
• Fixed an issue where non Security Administrators could not add/edit any scheduled reports
• It was possible to show the 'Check Password' icon for password records related to a Remote Site Location

Passwordstate 8.0 - Build 8000 (19th June 2017) - Beta 1 

• Add a new Password Reset Portal feature allowing users to reset or unlock their own domain account without the need of calling the IT Department
• Add a new Remote Site Locations feature for MSPs, which allows deployment of an agent to perform Account Discoveries, Password Resets and Account Heartbeats over HTTPS
• MSP's clients can now log in and view their Passwords without having to consume a Client Access License
• Added a new process for when technicians/staff leave, so you can easily identify what passwords they have access to, and easily queue multiple passwords resets if required
• Added a new Active Directory integrated version of the API which does not require the user of API Keys
• Various different types of records can now be tagged specific to a Site Location, to be used in conjunction with a Remote Site Agent
• Redesigned and added many more pre-defined reports
• Remote Session Launcher feature has now been redeveloped, and also supports Teamviewer remote sessions
• Added many more authentication options for the mobile client
• Added New Notification Centre to provide relevant alerts to users
• Added a new Account Discovery Job for Oracle database accounts
• Added a new Account Discovery Job for Cisco IOS accounts
• Added a new Account Discovery Job for HP H3C accounts
• Added a new Account Discovery Job for Juniper Junos accounts
• Added a new Account Discovery Job for MySQL accounts
• Added a new Account Discovery Job for Microsoft SQL accounts
• Added a new Account Discovery Job for Linux accounts

• When impersonating a User Account, you can no longer access the Administration Menu for that account
• Active Directory Authentication screens will now remember the last Domain selected from the Domains dropdown list
• Host records now have additional fields which can be populated, including IP Addresses, Virtual Machines, etc
• Folders screen has now be redeveloped, and documents can be uploaded to them, as well as linking to external URLs as well
• Made various improvements to document management for password records, Password Lists and Folders
• Depending on the document type, documents can now be viewed in your browser instead of having to first download the document
• Updated documents can now be uploaded, instead of first having to delete the existing document
• You can now limit the size of documents which are uploaded, including the file type
• Remote Session Launcher credentials can now also exclude certain hosts from the query
• Expiring Passwords Report can now filter on selected Password Lists
• Scheduled Auditing report can now filter on the User who created the audit event, as well as filtering within the Description field
• You can now delete password records in bulk from a Password List
• Added SHA256 bit Certificate Support for SAML Authentication
• Account Discovery Jobs now have further filtering for which Host records to discover against
• All PowerShell scripts have been moved to the Administration area, and permissions on scripts are no longer required
• Added various different color themes for the Mobile Client
• Account heartbeats for Linux can now use the Privileged Account to perform the heartbeat, instead of their own credentials
• Horizontal Navigation Menu option at the bottom of the page has not been deprecated
• Upgraded to Latest Telerik Controls
• There is now a one-to-one mapping of Security Administrator roles to Administration menu items
• Redesign Administration area for new modules
• Password Reset and Account Heartbeat scripts no longer require permissions to be applied to them
• All Cisco passwords reset scripts have now been consolidated into one script
• All Linux passwords reset scripts have now been consolidated into one script
• Active Directory Domain records can now be marked to indiciate whether they will be used for authentication in the Passwordstate UI
• Any stuck records in the Password Resets Queue can now be manually deleted
• When search for passwords via the API, the joining criteria for searching across multiple fields has now been changed to AND

• Fixed the wrong Account Type image being displayed in the Mobile Client for password records - it was instead showing the image from the Password List
• Under certain conditions, uploading documents where not being automatically removed from a temporary folder
• Fixed an issue where a logo of reasonable height may have caused issues with scrolling to the bottom of the Password Lists navigation tree
• Fixed an issue where a Password List name greater than 50 characters was causing an error adding data into certain tables
• When searching for passwords in the API, if searching on the HostName field it could have returned more records than there should have been a match for

Passwordstate 7.8 - Build 7883 (29th May 2017) 

• When creating Password Lists via the API, you can now specify a Guide and ImageFileName as well. Guides can also be specified for newly created Folders
• Auditing data sent to Syslog servers now has its date specified in Universal time format as per RFC 5424
• When adding and updating password records via the API, you can now also specify the Browser Extension Form Fields
• You can no longer copy or move Shared password credentials into Private Password Lists
• A 'Password Moved' auditing record is now also added into the Source Password List when a record is moved between Password Lists
• The Email Temporary Pin Code authentication option for the main Web UI also now includes the Pin Code in the Subject Line, just like the Mobile Client does
• Fixed an issue where some scheduled tasks may not have triggered if scheduled in the AM
• Made some changes to the sending of emails to resolve any potential multi-threading issues
• The ability to send Self Destruct Messages via the Administration area has now been disabled
• The title you give Password Lists has now been increased from 50 to 200 characters

• Fixed an issue where SAML2 authentication was not working as expected when Anonymous Authentication was enabled for the site, and alternative authentication was being used for Allowed IP Ranges feature
• When trying to create a Private Password List via the API, and copying settings from a Template, a 'database integrity issue' error was being reported
• API Documentation said Hosts API Key could be specified in the POST Body content, but API was not supported this. API has been updated now to also support this method.
• Global search was not finding any records when searching on just the Password List name
• API Restrictions settings on a Password List was preventing successful completion and auditing when adding new Password records

Passwordstate 7.8 - Build 7868 (11th April 2017)

• Updated the Chrome Browser Extension to reduce function calls every time the DOM changed
• Password Visibility Button Privileged Account Credential screen is now hidden if the credential is linked to a password record
• Users will no longer be able to convert Private Password Lists into Shared, if they not have the required access to create Shared Lists

• Viewing properties of a Folder when you only Modify rights was giving an insufficient permissions error
• Administering permissions through the Administration area, when not having Admin rights to a folder has now been fixed

Passwordstate 7.8 - Build 7863 (17th March 2017)

• Linux Reset Script now supports resetting of root account if no Privileged Account was set
• Self Destruct Messages now have more options for time out periods
• Made some changes to prevent client side caching of pages to prevent any issues with users using the back button in browsers
• Improved Discovery jobs which were adding in a value for the Expiry Date field, when the option Default Password Reset Schedule for the Password List was not enabled

• Under certain circumstances, the Password List page would not render if using one of the additional authentication methods for the List
• When logged in with the Emergency Access account, and exporting all passwords, an error was generated regarding password strength
• Bad Passwords recorded with capital letters were allowed to be saved, which has now been fixed
• Under certain conditions, having excluded characters for a Password Generator Policy were remaining excluded, even after removing the setting
• The Scheduled Report for Password List Permissions was not showing the permission values