Please see a list of changes and bug fixes for Passwordstate below, and please keep those feature requests suggestions coming.

Passwordstate 7.8 - Build 7868 (11th April 2017)

Updated Features

  • Updated the Chrome Browser Extension to reduce function calls every time the DOM changed
  • Password Visibility Button Privileged Account Credential screen is now hidden if the credential is linked to a password record
  • Users will no longer be able to convert Private Password Lists into Shared, if they not have the required access to create Shared Lists
Fixed
  • Viewing properties of a Folder when you only Modify rights was giving an insufficient permissions error
  • Administering permissions through the Administration area, when not having Admin rights to a folder has now been fixed

Passwordstate 7.8 - Build 7863 (17th March 2017)

Updated Features

  • Linux Reset Script now supports resetting of root account if no Privileged Account was set
  • Self Destruct Messages now have more options for time out periods
  • Made some changes to prevent client side caching of pages to prevent any issues with users using the back button in browsers
  • Improved Discovery jobs which were adding in a value for the Expiry Date field, when the option Default Password Reset Schedule for the Password List was not enabled
Fixed
  • Under certain circumstances, the Password List page would not render if using one of the additional authentication methods for the List
  • When logged in with the Emergency Access account, and exporting all passwords, an error was generated regarding password strength
  • Bad Passwords recorded with capital letters were allowed to be saved, which has now been fixed
  • Under certain conditions, having excluded characters for a Password Generator Policy were remaining excluded, even after removing the setting
  • The Scheduled Report for Password List Permissions was not showing the permission values

Passwordstate 7.8 - Build 7854 (10th February 2017)

Updated Features

  • Made some changes to the Recent Passwords grid on Passwords Home and Folders to resolve occasional issues with database query time outs
  • Made some changes to the 'Provide a Reason' feature so the password is masked by default
  • Made a change to each of the 3 browser extensions to mitigate a phishing attack redirecting traffic to a malicious website, and disclosing web site credentials
  • Made further improvements to prevent users from typing specific AD based login pages URLs directly into the browser address bar
Fixed
  • The authentication screen mid-upgrade would not allow you to login if your password contained certain special characters - .NET Framework was preventing this
  • Fixed an issue with "Grid Layout Actions", which was returning an unknown error on Documents screens
  • Fixed an issue where Password Validation Scripts where not processing any Generic Field values sent to the script

Passwordstate 7.8 - Build 7847 (27th January 2017)

Updated Features

  • Made further performance improvements when searching for Password Lists in the Navigation Tree
  • Made further improvements to prevent users from typing specific forms based login pages URLs directly into the browser address bar
Fixed
  • Fixed and issue on some feature permission screens where removing a single user account also removed all users from applied permissions list

Passwordstate 7.8 - Build 7844 (20th January 2017)

Updated Features

  • Password Resets, Account Heartbeat, and User Account Authentication now works for non-trusted Active Directory Domains
  • The option to Hide Passwords in a Password List is now only applicable to users with View or Modify permissions
  • Added additional error checking for resetting the password on an Active Directory account if the Privileged Account Credential does not have sufficient privileges
  • You can now also apply permissions to individual password records if a top level folder is propagating permissions down
  • Removed the option to create new Password Lists from within the Administration area
  • When a User Account Policy is set to based Password Lists settings off a template, the user can no longer select the option 'Copy Settings from a Template'
  • When a successful password reset occurs, we now also set the Account Heartbeat status to successful as well
  • Microsoft SQL Password Reset Script no longer requires privileged account associated with it to perform a successful reset
Fixed
  • Fixed a search filter issues on Hosts screen when sorting columns in the grid
  • Fixed an issue where uploading a 0 byte document would cause an error
  • Was receiving an error when saving a password record, if Account Type of Active Directory was selected, but the Password List was not enabled for resets
  • Certain Password List related auditing Activity Types were missing from scheduled reports when creating a report based on auditing data
  • The Import Passwords feature was not available on a Password List if the user had Modify rights
  • Password used for account used to send email was being cleared when clicking the Test Email button, if it had not previously been saved

Passwordstate 7.8 - Build 7830 (2nd January 2017)

Updated Features

  • Added additional debugging to the Account Heartbeat validation process
  • Added all minutes to the schedules on the 'Bulk Update Password Reset Options' screen
Fixed
  • Redirection to the unauthorised web server page was not working if one of the "manual" authentication options was selected
  • Removed old "Password Reset Results" and "Password Validation Results" Email Templates as they are no longer used
  • The option to validate an AD account password was correct before performing a password reset was not working

Passwordstate 7.8 - Build 7825 (29th December 2016)

Fixed

  • The new Build Number notification was not showing for "All Users" when it was supposed to be
  • Fixed an issue where it was possible to bypass your AD Credentials on the Manual AD and Duo Push authentication screen
  • Using the options on the 'Active Directory Options' tab on the Edit Password screen was giving a "Index was outside the bounds of the array" error
  • When adding a user to a local Security Group via the Actions Menu, it would error when filtering on security groups

Passwordstate 7.8 - Build 7821 (19th December 2016)

Fixed

  • Fixed an issue where certain buttons where enabled when viewing the properties of a folder which should not be if the user has Modify rights
  • Fixed an issue with the Internet Explorer Browser Extension where it would cause the browser to crash with certain sites

Passwordstate 7.8 - Build 7819 (14th December 2016)

Fixed

  • Overcome a jQuery bug for Internet Explorer and Edge which was preventing expanding and collapsing multiple nodes at once in the Navigation Tree
  • Fixed an issue where cancelling the dragging and dropping of a Password List in the navigation tree still allowed the List to be moved

Passwordstate 7.8 - Build 7817 (9th December 2016) Database Schema Updates in this Build

Updated Features

  • Made some significant improvements to the loading times of the main Navigation Tree, as well as expanding/collapsing nodes, and drag and dropping nodes around the tree
  • Added a User Account option to limit the number of Password Lists and Folders retrieved and displayed in the Navigation Tree
  • When search for Password Lists in the Navigation Tree, the folder structure to the found Password Lists is now shown
  • Tooltips on Folders and Password Lists in the Navigation Tree have been removed to improve loading times
  • Made some changes to the Authorized Web Server check to overcome intermittent DNS lookup issues some customers where having
  • Self Destruct messages can now be sent from the user rather than the default email address in System Settings
Fixed
  • When sending a Self Destruct Message, the Subject line from the Email Template was not being used
  • Fixed an issue where it was possible to return back to the last Setup page for Passwordstate after the setup was complete
  • When using FIPS encryption, a database connectivity error screen was displayed when trying to validate the High Availability License Key
  • It was possible a Bad Password could also be reported on the screen as having Excellent strength
  • Fixed a database integrity error after importing user accounts via CSV files, and the UserID and Email Address for the user had capitalization in it
  • Fixed an issue where the Active Users screen would error if a UserID had a single quote in it
  • Fixed an exception where a custom Reset script could not be deleted
  • Fixed and issue with the Bulk Updated Password Reset Options feature, where deselecting the 'Managed Account' option would also disable the 'Heartbeat Options' tab
  • Fixed an issue where the Passwordstate Windows Service could not decrypt the AppSettings section of the web.config file when using FIPS encryption
  • Fixed an issue with SQL Server case sensitive DB settings and permissions not being applied to new Password Lists when new user accounts where being added
  • Fixed unrecognized date error on Maintenance Mode screen when using Greek language for Windows operating system
  • When viewing a Self Destruct Message, the whole value of the password may not be visible if it contains certain special characters
  • When importing Hosts, and the value for the database port was not a numerical value, it would report a successful import when it didn't actually import anything

Passwordstate 7.7 - Build 7798 (17th November 2016) Database Schema Updates in this Build

Updated Features

  • Updated the Security Administrators screen to also show the UserID value for any user accounts
  • Documents uploaded to Passwordstate are now encrypted
  • Fixed a issue where Password Lists being created for new User Accounts via User Account Policies will now work when using Security Groups as permissions on the UAP
  • Added Windows Server 2016 as supported operating System
  • When a Private Password List is converted to shared, it will now also honour the setting to add permissions for other Security Administrators
Fixed
  • When using API to create a Password Record, the host name wasn't being set correctly if the record was not being configured for Resets
  • Fixed an issue where it may have been possible to receive an invalid date error when exporting all passwords
  • Users were unable to clone a folder if they had modify rights to it
  • Fix an issue when dragging and dropping nodes in the Navigation Tree where it was not possible to scroll all the way to the bottom when there were many Password Lists and Folders

Passwordstate 7.7 - Build 7789 (18th October 2016) Database Schema Updates in this Build

Updated Features

  • Added Account Type into API when retrieving, adding or updating a Password Record
  • Added an new method to the API to search for Shared Password Lists
  • Updated the Password List Export option on the screen Administration -> Password Lists, to export more information including API Keys
  • System Setting to enable or disable Auditing when using API added
  • The feature where you can bulk update password reset options for records has now been updated so you can filter records using a certain Privileged Account for it's resets
  • Users will now be alerted to any Wildcard searching when querying Active Directory on the User Accounts or Security Groups screens
Fixed
  • Fixed an issue where the Backups account was trying to make database connections during a scheduled backup when the site was configured to use a Managed Service Account for DB connectivity
  • Some Date/Time columns on the User Accounts screen where not honouring Locale settings
  • Fixed an issue where Date fields for exporting CSV files may not have been exported in the correct date format for the selected region
  • Fixed a 'Index was outside the bounds of the array' error when exporting Hosts records
  • Using One Time Access with the Check in/Check out feature was removing access to the record before it should have
  • Fixed an issue where it was possible Account Heartbeats were occurring when the option was not enabled for a record
  • Users had the ability to created Password lists in folders they did not have access to
  • Usage count on Password Reset Scripts screen was not counting correctly for some scripts
  • Last logged in date and successful login auditing data was not being added when using one of the Active Directory, or One-Time Password authentication options
  • Opening Password records from the Expiring Passwords calendar using IE or Firefox was causing a 'server error'.

Passwordstate 7.7 - Build 7773 (20th September 2016)

Fixed

  • Fixed an issue where an invalid table name was being referenced in the Passwordstate Windows Service, preventing the service from performing its normal operations

Passwordstate 7.7 - Build 7772 (19th September 2016)

Updated Features

  • Added SecurID two-factor authentication to the mobile client
  • Added some debugging for any issues trying to send a temporary pin code as part of this authentication feature
  • When using the Remote Session Launcher feature from a password record, we now automatically change the Port Number depending on what Connection Type you choose
  • Multiple Login dialog for the browser extensions now sorts the Username field
Fixed
  • Fixed an issue with the Bulk Import Password feature where it reported the PasswordListID value could not be found for all password records
  • If the Privileged Account credentials for manually synchronizing the memberships of security groups was incorrect, then the Security Group was deleted
  • If the value of the password for the Backup feature had certain special characters in it, it could have caused the In-Place Upgrade feature to fail
  • The Cancel button on the In-Place Upgrade screen was not working if the backup password was using certain special characters
  • Disable Propagation button was still active when user only has View rights to the folder

Passwordstate 7.7 - Build 7763 (3rd September 2016)

Updated Features

  • API has been updated so you can search passwords by AccountTypeID or AccountType, and Domain and HostName fields are now returned in password queries as well
  • The Mobile Client has now been updated so the UserName field either shows the Domain or Host Name information as well if relevant
  • The Local Administrator Discovery Job will no longer report an error if it finds no administrator accounts on a host
  • Mobile Client has been updated for improved search across multiple fields, the same as the main Passwordstate user interface
  • HP iLO password reset script was named incorrectly
  • VMWare ESX password reset script has been updated to optionally use a Privileged Account for SSH connection
  • Changed Duo Push read-only username field to ignore client side changing of the value
  • Made some improvements to ensure Duo API Settings where not visible when inspecting HTML for certain pages
  • Added the option to specify a 'Guide' for Folders as well, including a button to view the Guide per Folder
  • Editing a user requires you to have a last name entered, where as it doesn't require it when creating a user
Fixed
  • Fixed an issue where on occasion you could have been prompted to with the message "Please enter a positive integer value for the Add Days to Expiry Date field" when saving a password record
  • When editing a password from Passwords Home or a Folder, it was possible that Reset and Heartbeat Options tab may have, or may not have shown correctly for the selected record
  • Fixed an issue where manual backups were not honouring the "Exclude database" setting
  • When clicking on the Password List Guide button, scrolling within the popup window may not have be working correctly
  • Certain field and buttons where available on the Edit Folder screen when the user only had View permissions

Passwordstate 7.7 - Build 7748 (19th August 2016)

Updated Features

  • When using the Expires Now feature, the Expiry Date on the password will be updated according to the setting on the password record, or its Password List
Fixed
  • Fixed an issue where you could not create a Folder beneath a folder structure which is propagating permissions down if you did not have Admin rights to the parent folder
  • Fixed an issue where it was possible to execute a HTTP Post against the Test Script Manually pages, even though you did not have permissions to the appropriate menus
  • Fixed an error of 'Globalization is ambiguous' error after upgrading to Anniversary Update for Windows 10
  • Fixed an issue where changing the value of a password may have shown the message of Password Reset Tasks Queued, when the Password List itself did not have the Password Reset Enabled option selected
  • The Passwordstate Windows Service was excluding Special Characters when generating a random password when using a Pattern Match

Passwordstate 7.7 - Build 7742 (11th August 2016)

Updated Features

  • The API has been updated so you can search for records based on HostName, ADDomainNetBIOS and PasswordResetEnabled
  • When adding an account and you deselect the option to enable it for Resets, it will now pre-select the appropriate Password Validation script
Fixed
  • If this Password field was not selected on a Password List, it would not allow you to save adding a new password record
  • The Security tab on Add/Edit Passwords screen should not have been visible if the Password Field was not one of the selected fields
  • A 'Server Error' screen may have appeared in the Administration area if the Password List or System Settings Security Administrator role was not applied for the user

Passwordstate 7.7 - Build 7737 (7th August 2016)

Updated Features

  • Account Dependencies discovery job will now report if the account associated with a Windows Dependency as changed
  • Account Dependencies discovery job will now find AD accounts which are configured in the naming format of DomainFQDN\UserName
Fixed
  • Fixed an issue where expanding/collapsing a node in the Navigation Tree could have caused it to re-position to the top of the screen
  • With the new option to reset passwords when discovered for Local Admin accounts, it was not honouring the setting for a static password value
  • It was possible for a One-Time Scheduled Report to execute if it was disabled

Passwordstate 7.7 - Build 7732 (4th August 2016)

Updated Features

  • The Brutce Force Lockout screen now provides a CAPTCHA control for allowing the user to re-attempt authentication if the pass the CAPTCHA authentication
  • Duo Push Authentication now sends the client's IP Address as a parameter to the Auth API method
  • Only 7 days worth of AD Security Group synchronization debug data is now retained
  • When moving/copying a password record you can now expand/collapse folders
Fixed
  • Fixed potential XSS issue for an elevated security breach on the domain where data was modified in transit
  • Dependencies column was showing for in Password grids when the Password List was not configured to perform Password Resets
  • Fixed an issue where the correct CSS file was not used when viewing a Self Destruct Message
  • Fixed an issue where the Unauthorized Web Server page may have been displayed if the server's NetBIOS name was longer than 15 characters
  • The Add Password API method may have failed if the new PasswordResetEnabled parameter was not specified

Passwordstate 7.7 - Build 7723 (2nd August 2016)

Fixed

  • If the UserName field for an Active Directory account which was enabled for resets was configured incorrectly, an 'Index Array' error could have occurred during the upgrade to build 7721
  • After upgrading to build 7721, some users may have experienced a generic 'Server Error' if they had previously had their access removed from the Hosts and Queued Password Reset main navigation menu items

Passwordstate 7.7 - Build 7721 (1st August 2016) Database Schema Updates in this Build

New Features

  • Added support for password resets and validation for Juniper ScreenOS firewalls
  • Added support for password resets and validation for Juniper Junos devices
  • Added support for password resets and validation for HP Procurve switches and routers
  • Added support for password resets and validation for HP H3C switches and routers
Updated Features
  • Added a new queuing system for Password Resets, and no data is updating in Passwordstate unless a successful reset is completed
  • Simplified the process of configuring accounts for Password Resets
  • The API has been updated to allow configuring password records for Resets and Account Heartbeat validation
  • Browser Extension for Internet Explorer is now out of beta
  • Made some improvements to the Navigation Tree so you can scroll up and down the tree when dragging and dropping Folders or Password Lists
  • Made various performance improvements to the Navigation Tree and selecting Password Lists when users have access to thousands of Password Lists and Folders
  • Scheduled Reports can now be run on a more frequent basis, and there is an option to run the report immediately
  • Remote Session Launcher now supports the use of local accounts for RDP sessions
  • When a password reset fails, the Expiry Date field is now no longer modified, and retry attempts will be made every day at the scheduled time
  • Added support for Microsoft SQL 2016
  • Host records can no longer be deleted if the Host has associated password records
  • The previous one-to-many relationship between password records and host records has now been deprecated
  • Permissions on custom Password Reset scripts are no longer required to associate the script with a password record
  • Added Connection Type and Port Number columns onto the Remote Session Credentials screen
  • The Oracle password reset script no longer requires the use of a Privileged Account Credential to connect to the database
  • You no longer need to modify any PowerShell scripts for Oracle to specify the path to the Data Access Components - the path can now be specified within Passwordstate on the System Settings screen
  • Various menu items under the main Hosts menu have now been renamed
  • The Hosts main menu has now been renamed to Resets
  • Hosts & Password Resets area within Administration has now been renamed to Password Resets
  • Renamed the Host Type of Appliance to Firewall
  • The option to reset a password when One Time Access is applied to an individual password record, has now be deprecated
  • When using Duo Push, hitting the enter key on various fields can now cause the push notification to be sent
  • The Import button on the Password List screen has now been move to the List Administrators Actions dropdown list
  • When adding an Active Directory account into a Password List which is enabled for Password Resets, it will prevent you from saving the record if the account exists in another Password List
  • It is now possible to trigger a Password Reset upon a new account being discovered on the network
  • Permissions on Host records are no longer required
  • Custom Images in the Administration area is now called Images and Account Types
  • The Expire Password Now menu for password records now triggers a Password reset if applicable
  • Installer for Internet Explorer Browser Extension will now delete registry key (on uninstall) which is created on initial use of the Extension
  • AD Synchronization Report has now been deprecated
  • Scheduled Password Validation Report has now been deprecated
  • Password Reset Tasks Report has been deprecated
Fixed
  • Fixed a general error screen when authenticating with Manual AD Authentication from non-trusted IP addresses
  • Fixed an issue where encrypted Generic Field values may not have been able to be decrypted in the Passwordstate Windows Service
  • Users with Non-Admin rights to Folders and Password Lists were not able to drag them around in the Navigation Tree when they were meant to have access to do this
  • A general error screen was displayed when a user's account was disabled, instead of redirecting them to an appropriate screen
  • After clicking the Expand/Collapse all Password Lists/Folders icon in the Navigation Tree, it was not possible to expand/collapse individual tree nodes
  • When clicking on the 'Yes' button to check out a record for exclusive access from Passwords Home or a Folder, a JavaScript errors was preventing opening the Edit Password screen
  • When in Maintenance Mode, and error may have been displayed once clicking on a password record as it's possible the user's session may have ended if there was no activity on the screen
  • An error may have occurred during a Password Reset after a Time-Based Access was removed if the account was an Active Directory account and specified in FQDN format
  • Resource Discovery job was adding duplicate records when different naming conventions of UPN and Pre-Windows 200 format for accounts where being used

Passwordstate 7.6 - Build 7676 (18th June 2016)

Updated Features

  • Firefox Extension now out of Beta and made various site detection improvements to both Firefox and Chrome extensions
  • Added 'Ignore Site' button to all three browser extensions to easily ignore URLs you do not want to save logins for
  • Added a new Beta of the Internet Explorer extension which resolved several bugs
  • Added a method to the API to be able to search for Folders based on certain criteria

Passwordstate 7.6 - Build 7672 (29th May 2016)

Updated Features

  • Search Improvements: It's now possible to search for passwords using multiple search phrases, and Account Type is now also included in the search criteria
Fixed
  • Fixed an issue where the Active Directory sync process could have returned the error "a more secure authentication method is required for this server"
  • The Logon button was wrapped to the next line when using Firefox on the password reset page for form-based authentication
  • When linking or unlinking Password Lists from templates, using the filtering search boxes may have caused issues with unlinking or the link/unlink buttons

Passwordstate 7.6 - Build 7668 (20th May 2016) Database Schema Updates in this Build

New Features

  • Ability to Check Out Password Records for exclusive access
Updated Features
  • Added Ability to set propagating permissions at nested folder levels, instead of just the top-level folder
  • Added the option to disable propagation of permissions from a folder
  • Made some changes to improve memory utilisation with the Passwordstate Windows Service, and also within IIS
  • Added support for Windows 10 and Server 2016 for Local Admin Account discovery, and Windows Account password validation
  • Added support for AzureDB and Amazon SQL Database Services
  • Made various improvements to the initial setup process, for adding logging and disabling buttons as you progress through the install
  • Updated the Folder icons to better indicate which permissions model is being used for the folder
  • Added the option to set the Host Heartbeat schedule on the Add and Edit Host screens
  • Added column TreePath to Expiring Passwords Report
  • The View Password screen for users with View access to a password record has now been replaced with the Edit Password screen for consistency
  • Added an option to force users to use a specific Policy for the Password Generator in the top toolbar and under the Tools menu
  • Added a copy to clipboard permalink icon to the Edit Password screen
Fixed
  • If the Password List was configured to prevent exporting of Passwords, using the Save and Add Another button when adding record was ticking this option on newly created records
  • Fixed an issue where an Image may not have shown on the Remote Session Launcher credentials screen if not image was assigned to the relevant Password List
  • It was possible to set permissions on individual records when the Password List was inheriting permissions from an upper-level folder
  • Fixed an issue where an AD Security Group could not be added to Passwordstate if the ObjectSID for the group was longer than 50 characters
  • Scheduled Reports were not being sent to CC'd addresses if the CSV file type attachment
  • Error Console screen may have been showing in incorrect date format for specific regions
  • An exception may have been raised when viewing the History of a password record, if that record was restored from the recycle bin
  • Charts were not showing when using the High Availability instance of Passwordstate
  • Certain events which trigger sending of emails was receiving a "The multi-part identifier could not be bound" due to SQL Server being configured for Case Sensitivity

Passwordstate 7.6 - Build 7646 (19th April 2016) Database Schema Updates in this Build

Updated Features

  • Added a new System Settings so customers can choose if the Browser Extension should return only records intended for the Browser Extension, or all records where the URL field has a match
  • Added web and database server names to the Administration screen's About section
Fixed
  • Charts in Passwordstate may not be displayed for certain accounts if users were being prevented from using the Browser Extension
  • If the user had View access to a password record, and the value of the password was being masked, and audit record was still being added to indicate viewing of the password was possible
  • It was possible to delete a password record when the System Setting for modify rights was denying this

Passwordstate 7.6 - Build 7641 (4th April 2016) Database Schema Updates in this Build

Updated Features

  • Moved some settings on the System Settings screen to more appropriate tabs
  • RADIUS Authentication official release - no longer in Beta
  • SAML2 Authentication official release - no longer in Beta
  • Added two new System Settings so you can specify which users are allowed to create Folders and Password Lists in the root of Passwords Home
  • Excluded the TreePath and ResetTaskCount fields from the 'All Passwords Report' to make the process of importing data into other Password List simpler
  • Security Administrators can now type the user's One-Time Password secret key within the User Account screen
  • Updated the validation for One-Time Password secret keys to instead check if the key was specified in Hexadecimal notation, instead of a Base32 string
  • When a user is asked to first populate their Google Authenticator or One-Time Password settings on first login, they must authenticate on this screen before their settings are saved
  • It is now possible to add a new or existing user's account to multiple Local Security Groups at once
  • Option to hide Toggle Visibility of Web API IDs for users who have Modify rights to Password Lists
  • Added a link to the Maintenance Mode label at the top of the screen, allowing you to easily navigate to the Administration area - and disable Maintenance Mode if needed
  • Added an option to the API to add Password Lists for individual User Accounts or Security groups - both Shared or Private Password Lists
  • Added a dropdown list on the Add/Edit Passwords screen so users can choose different Password Generator Policies to generate random passwords with
  • Added an option where a new Shared Password List can also be created when new user accounts are added into Passwordstate
Fixed
  • A runtime error was being used with SAML2 Authentication when you navigate to the site from the SAML2 Providers web site directly
  • When basing a new Password List on the settings from another Password List or Template, the fields HeartbeatSchedule and FailedRetrySchedule did not have their values copied across
  • When using the Manual AD and One-Time Password authentication option, it was not redirecting to a page for the user to create their OTP secret if none existed
  • When returning Password List details from the API, it was not returning the new One-Time Password and RADIUS authentication types as a field setting

Passwordstate 7.6 - Build 7623 (18th March 2016) 

Updated Features

  • Made changes to various initial setup screens to mitigate against session variables being prematurely ended on the web server
  • Reversed the change where right click was disabled for most pages, as this was preventing users copying certain data to the clipboard
Fixed
  • Fixed an issue where it was possible to apply permissions to individual records within a Private Password List
  • Fixed an issue for builds 7580 to 7619 where the Passwordstate web site was not responding after a sever reboot

Passwordstate 7.6 - Build 7619 (11th March 2016)

Updated Features

  • Added the Host Port Number and Tag fields to the Password Reset Tasks screen
  • Added the option to prevent adding of auditing records for the API when retrieving all passwords in a Password List, as well as when searching for passwords
Fixed
  • Fixed an issue with SAML2 authentication for okta.com not automatically redirecting back to the Passwordstate web site
  • Was receiving a Operator not defined for type DBNull error when trying to view a Google Authenticator barcode on the screen

Passwordstate 7.6 - Build 7615 (10th March 2016) Database Schema Updates in this Build

New Features

  • Beta: Added SAML 2.0 Authentication Support
  • Beta: Added RADIUS Authentication Support
Updated Features
  • The Browser Extensions will now ignore any password records where the browser extension fields are correctly populated with data
Fixed
  • When dragging and dropping Password Lists in the navigation tree, the expand/collapse status may have changed depending on if you used one of the features to expand or collapse all nodes
  • When using the Mobile Client, Active Directory Account authentication was not working when using a non-trusted SSL certificate

Passwordstate 7.6 - Build 7610 (5th March 2016)

Updated Features

  • Added a new icon in the Navigation Tree to expand or collapse all Password Lists and Folders
  • If the option to hide the value of passwords is set for a Password List, then value of the password is masked in source code
  • Disabled right mouse click for most pages throughout Passwordstate
  • Added a check to the upgrade process to ensure the web.config file has the correct NTFS permissions - otherwise upgrading to build 7580 or above will fail
  • Added in a check for the upgrade pages to ensure SQL Server 2005 is not being used
Fixed
  • Fixed an error page when clicking on a Folder you do not have access to when using the 'Toggle All Password List Visibility' feature
  • The page informing of the AppSettings section in web.config file being encrypted was not displaying

Passwordstate 7.6 - Build 7603 (29th February 2016)

Updated Features

  • During the second stage of upgrades, where the database is upgraded, only the person who has enabled Maintenance Mode can access the upgrade page
  • Updated the Linux account Validation Script to support interactive keyboard login requirements
  • Scheduled Account Heartbeats will no longer execute for password records which are set to unmanaged
  • Renamed the 'View Permissions' actions menu item for User Account Policies to 'Apply Policy to Users'
  • Added a new auditing for users viewing the value of a Privileged Account Credential
  • When 'Delete Password' is unchecked for the Modify permissions options on a Password List, the 'Copy or Move to different Password List' option will no longer be disabled
  • Added additional debug information for errors logged to the Error Console, to try and report on users sessions being prematurely ended in IIS
  • Made a change to the Passwordstate Windows Service to overcome issues for some customers where Scheduled Backups were not working, but manual ones were
  • Added a Close button to the Generic Error Page so popup windows can be closed in the event of an error
Fixed
  • Fixed an issue where the highlighted Administration Tree Nodes where not correctly highlighted for the selected Security Administrator role - when adding/editing Security Admins
  • Fixed an issue where under certain circumstances, users could still log into Passwordstate when Maintenance Mode was enabled

Passwordstate 7.5 - Build 7592 (22nd February 2016)

Updated Features

  • Added the enabled status for a users Active Directory account to the output when using the 'Debug AD Security Groups' feature
  • Made some changes to AD synchronization process for the enabled status for user accounts, to overcome intermittent crashes in the Passwordstate Windows Service
  • Added support for uploading documents via the API
  • When adding a new Host record, and the Host already exists, the Add Host screen now closes if you grant yourself access to the Host
  • Added a new Actions menu item to grant yourself access to a Host if you don't already have access
Fixed
  • Fixed an issue where the Passwordstate Windows Service was not working if the AppSettings section of the web.config file was encrypted
  • When using AD Authentication and Anonymous authentication was enabled for the site in IIS, it was not possible to login in when maintenance mode was enabled
  • Fixed an issue where a Host Discovery would return no results if a new Operating System record was added and the AD Attribute field was left blank
  • Fixed a database integrity error when logging in using Forms or Local Login authentication, and the user left a trailing space after their UserID

Passwordstate 7.5 - Build 7583 (13th February 2016) Database Schema Updates in this Build

Updated Features

  • Updated the Validation Script for local Windows Accounts for some systems where the Username needed to be specified in the format of HostName\UserName
Fixed
  • Fixed an issue where the re-encryption process when upgrading to build 7580 may have failed on the SystemSettings table
  • Fixed an issue where a similar Host Name match was found when adding Host records, preventing saving of the record

Passwordstate 7.5 - Build 7580 (12th February 2016) Database Schema Updates in this Build

New Features

  • Added a new One-Time Password authentication method for the Web UI and Mobile client based on the TOTP and HOTP algorithms
  • A new Secret Key Rotation features has now been added to allow regular encryption key rotation
Updated Features
  • Encryption Keys can now be exported to a password protected zip file for disaster recovery purposes
  • Encryption Keys now use Secret Splitting to mask their identity
  • Every install of Passwordstate now uses two unique keys to perform the encryption, instead of the previous one
  • HMAC-SHA512 Hashing algorithm is now used to validate tampering of data directly in the database is not occurring
  • Random Initialisation Vectors are now used for every encrypted field and record
  • Added brute force login detection to all authentication methods in Passwordstate
  • A new System Setting option has now been included to prevent specifying API Keys in the QueryString of the API method call
  • Added FIPS Compliance support for Passwordstate
  • Have added a new System Setting option to allow nesting of Password Lists beneath other Password Lists if needed
  • Added better error reporting if a Password List associated with a Discovery Job had been deleted - previously reported conversion of string to boolean error
  • Added a user based option where they can choose to hide all Password Lists/Folders in the navigation tree when they first log into Passwordstate
  • When toggling the visibility of of Web APIs for a Password List, we now hide certain controls above the grid so the keys are more visible
  • You can now add in multiple Host records with the same name, if they have a different Remote Connection port number, and we've added the Port Number to the Hosts grid
  • Export all Passwords In Folder from within the Administration area is now exported to a password protected zip file
  • Added a license check to ensure the license count matches for Client Access Licenses and the Annual Support keys
Fixed
  • When changing the value of a password field which was linked to various Hosts, it was performing a password reset even though the option Manage Account was not checked
  • Password Reset Results emails were being sent when the Email Template was disabled
  • When using forms based authentication, the new Maintenance Mode feature would not allow any user accounts to login in when maintenance mode was enabled
  • Fixed an issue where a user's Guest permissions could have been removed from a Password List when they were adding new password records and security groups where being used as the permission type
  • The Save And Close button was enabled on the Edit Folder screen for users who did not have administrator rights to the Folder
  • Filtering on a Password List when using the Password List Bulk Permissions feature was not allowing you to move the Password List into one of the Permission textboxes
  • When creating Password List under the Administration Area, it was possible it could have shown an error about not being able to create a Private Password List underneath a folder which was configured to propagating permissions
  • Fixed issue where the page would not redirect if cloning a folder from within the Administration area
  • When viewing permissions on a Folder from within the Administration area, it was possible to change permissions even though the Folder was not configured to have its permissions managed manually
  • The option to Auto Generate a new password value when adding new records was not working
  • When using the Save & Add Another button for a new folder, no permissions where applied when the top level folder was set to propagate permissions downwards
  • When selecting the 'Toggle All Password List Visibility' menu, filtering on Password Lists in the Navigation Tree was not working

Passwordstate 7.5 - Build 7551 (26th January 2016) Database Schema Updates in this Build

Updated Features

  • Added support to the Linux Password Reset Script for Mac OS X
  • Added an option where a Private Password List can be created for all new User Accounts which are added to Passwordstate
  • Added the option to import Bad Passwords from a csv file
Fixed
  • When granting permissions to an individual Password record due to a user requesting access, if the approving Security Administrator did not have Admin rights to the Password List, it did not grant Guest permissions for the user requesting access
  • Fixed an issue with the Resource Discovery Job where it could have reported an error about a DBNULL operator comparison error
  • If the Heartbeat column in the Passwords grid was not visible, reordering the position of more than one column at a time was not possible due to a javascript error
  • When initially setting up Passwordstate and connecting to an existing empty database to create all the tables, a Server 500 error was experienced if the SQL Account being used had an ampersand symbol in the password
  • The popup guide for a Password List was showing HTML formatting tags instead of the actual formatting
  • Could not edit a Password record if the AccountType field was selected for the Password List, and the record was saved via the Browser Extension
  • All Passwords History Report and All Passwords Report could not be opened with certain zip programs
  • When using the 'Request Access to Passwords Lists' feature, clicking on a Password List you had no access to was non-responsive
  • Fixed an issue where Passwords Home or a Folder would not display when the Recent Passwords grid was being displayed

Passwordstate 7.5 - Build 7539 (2nd January 2016)

Updated Features

  • It is now possible to clone a folder structure when you have Modify access to the Folder
Fixed
  • Fixed an issue with the API to resolve issues with the Browser Extension not auto-configuring - IE still requires a FQDN URL to use the Extension

Passwordstate 7.5 - Build 7537 (27th December 2015)

Updated Features

  • When clicking on any permalinks for records in Passwordstate, if the 404 error page does not redirect quick enough, instead we know display a message about waiting for the redirection
Fixed
  • Fixed an issue in where the Browser Extension would not auto configure itself if the URL was not in a valid FQDN format. If a valid FQDN is required and not being used, then this is now reported in auditing data

Passwordstate 7.5 - Build 7535 (20th December 2015)

Fixed

  • Fixed an issue where members of nested security groups may have been removed during the scheduled AD sync process
  • When there was more than one web site login credential, the Chrome Extension was only form filling the first entry
  • Right click menu options for adding Folders and Password Lists were not disabled if the user was not meant to have access to these features
  • Fixed an issue for an Open Connection error in the Windows Application Event log when a security group is being deleted as part of the scheduled AD sync process

Passwordstate 7.5 - Build 7531 (18th December 2015)

Updated Features

  • Updated Active Directory and Local Windows Account Validation scripts to overcome issues with environments which may have tighter security controls
  • Removed Windows Server 2003 from the Discovery and Password Reset screens due to this OS not being supported
  • Updated the Active Directory account password reset feature to support accounts in User Principal Name format
  • Added a count to the Document button for Password Lists
  • Added additional debug data for the Active Directory Security Group synchronization process
  • Made changes to the Folder Propagating Permissions feature to allow users to create Password Lists beneath them, regardless of the permission level at the top level folder
Fixed
  • When dragging a Password List which was not inheriting permissions into a Folder structure which was propagating permissions, the flag on the Password List to indicate it was inheriting permissions was not being set
  • Made some changes to the scheduled Active Directory Security Group synchronization process to overcome an issue where users may have been removed from Security Groups within Passwordstate
  • The High Availability instance of Passwordstate was trying to write to the DebugInfo table when it shouldn't have been
  • When adding a password via the API, the request may have failed when adding Password History if no ExpiryDate was set
  • The Remote Session Launcher for RDP sessions was not working if the UserName or Password had a space in its value, or if using User Principal Name format
  • When adding a password via the API, then GeneratePassword setting was not generating a random password
  • Some variables in the Self Destruct Email template where not properly being replaced at the time the email was sent
  • It was possible that Passwordstate reported an Active Directory password reset roll back was successful, but didn't roll back the change in Active Directory
  • Bar chart statistics on Passwords Home and Folders was showing the same statistics for All Users and the currently logged in User
  • When moving a Password List into Passwords Home from a Folder which was propagating permissions downwards, the Password List was still configured to inherit permissions

Passwordstate 7.5 - Build 7515 (5th December 2015)

Updated Features

  • We have now added the Tree Path to the screen Pending Access Requests so it's easier to see what Password List the request is for
  • Remove various fields from the Enumerated Permissions Report, to limit the amount of data exported
  • Added a label to the Backup Settings screen to inform users they should restart the Passwordstate Windows Service if they change the schedule at all
Fixed
  • The scheduled report Enumerated Password Permissions may have been reported on records in the Recycle Bin
  • The Report Type column on the Scheduled Reports screen may not have displayed the correct value
  • Fixed an issue where a PasswordListID value of 0 was being used in the TreeViewState table when it shouldn't have been
  • Fixed an issue where under certain circumstances permissions to a Folder may have automatically been removed
  • And the Add and Edit Passwords screens, the Privileged Account Credentials dropdown list for Password Resets was disabled for Active Directory accounts, preventing manual configuration of other reset tasks

Passwordstate 7.5 - Build 7507 (4th December 2015) Database Schema Updates in this Build

Updated Features

  • Made some changes to database querying in the API for the Passwords Home and Folder chart to improve performance
  • When a Security Admin impersonates another user's account, they cannot modify permissions to Password Lists or Folders even if that user had Admin rights
  • Scheduled Password Validation can now occur even if the password is not enable for resets
  • Discovery Jobs can now add new records to Passwordstate without enabling the Password Reset option
  • When a Password Validation occurs, if there is some form of error which prevents validating the Password, auditing data is now added and an orange Icon is shown in the Account Heartbeat column
  • You can now execute a Password Validation script for Active Directory Accounts on demand through the Passwordstate web interface
  • Added a new column to the Passwords grid to show a count of associated Password Reset Tasks for a record
  • Added a configurable OperationTimeout setting to Discovery PowerShell scripts
  • When an Active Directory account is configured for resets, the record is now added to the Reset Tasks count on the Edit Password screen
  • Added a Verbose Logging screen for Manual and Scheduled Backups
  • Updated the Active Directory account validation script to also support UPN account format
  • Various Host timeout settings are now configurable for PowerShell scripts on the screen Administration -> System Settings -> Hosts
  • On the main Administration screen, we've added the option to enable Maintenance Mode if you have the correct Security Administrators role
Fixed
  • The use of Privileged Account Credentials was not showing accounts to users when permissions were applied to them via Security Groups
  • When a user had View access to a password record which had mulitple password fields configured, trying to click on the magnifying class multiple times to unmask data was causing a JavaScript error preventing visibility of data as expected
  • Fixed an issue where the new Maintenance Mode feature may have interfered with various schedules executed by the Passwordstate Windows Service
  • Under certain circumstances, adding a password record via the API could results in a 'no compatible route found' error message
  • The Reset Tasks count on the Edit Password screen was showing a count for Hosts which were set to unmanaged
  • Fixed and issue with using Bulk Permissions on Password Lists in the Administration area
  • Fixed a potential issue where Password Validation for certain records may not have been executed at the set schedule
  • Any of the Telerik Editor controls, like Password Notes field, was stripping line feeds during a paste operation
  • After pressing the Save button for Screen Options for the Password Lists page, it was prompting to export history data for records
  • You could no longer manager permissions on Folders within the Administration area, if your account did not already have Admin access to the folder
  • When impersonating a user's account, the option to delete a Password List was available

Passwordstate 7.4 - Build 7483 (18th November 2015)

Updated Features

  • The Password Reuse Report no longer shows the password values, and also does not return any records where the password value is blank
  • Any reports through the user interface which export password values into CSV files are now compressed in a password protected zip file
  • Password Strength Compliance Report now includes the UserName field
Fixed
  • The new Maintenance Mode feature introduced in build 7476 was causes issues with Inactivity Timeout setting not logging users out
  • The Handshake Approval process for permissions was giving a Page Not Found error when declining access, or when the Handshake Timer expired
  • Made some changes to overcome an error when creating your first Password record - caused by duplicates existing in the PrivilegedAccountsACL table
  • When adding passwords via the API, if the AccountTypeID field for a Password List was set to mandatory, the API would error saying the AccountTypeID value was blank even though it was supplied

Passwordstate 7.4 - Build 7476 (10th November 2015) Database Schema Updates in this Build

New Features

  • Permissions from top level folders can now be propagated down to all Shared Password Lists and Folders
Updated Features
  • The Copy to Clipboard feature no longer requires Flash in the browser to function
  • You can now restrict API Access by IP Addresses on a per Password List setting
  • The Password Strength Compliance Report now includes a column called Bad Password, to indicate if there was a bad password match or not
  • Added an exclusion to the Resource Discovery script to ignore a scheduled task bug for Microsoft Sharepoint Workflow Manager
  • Added a regular clean up process for any old files left in the Upload folder
  • When adding a password record via the API and you have enabled it for Password Resets, then any Discovery Jobs can make use of this record instead of creating duplicates
  • Added a new Maintenance Mode which prevents users from logging on, and allows you to specify a time in which users sessions will be terminated
  • Made some changes to the IIS Application Pool reset script to ensure it could be successful started after stopping it
  • Added -IncludePortInSPN parameter support for Invoke-Command for various Windows reset scripts
  • A new Error Console screen has been added to the Administration area, and error debug data will no longer be visible to general user accounts
  • Pressing the Enter key of the Username field on any authentication screens now initiates the login process, just the same as the password field
  • You can no longer type the Upgrades URL directly into your browser
  • Made changes to account handling on Upgrade screens for improved security
  • Added checks to upgrade pages to ensure the user had the correct Security Administrator role in order to perform upgrades
  • Added additional checks to ensure no permissions to Private Password Lists can be changed in anyway
  • Added additional checks so permissions can only be added to Password List if you are Administrator of them, or a Security Administrator
  • In addition to a user session variable being destroyed on logout, their secure ASP.NET State Session cookie is now also destroyed
  • Changed any Disabled columns in grids to read Enabled, and showed an appropriate icon for each status type
  • You can now only nest Password Lists and Folders beneath other existing Folders - or Passwords Home
  • Removed the ability to create Folders from within the Administration area
  • The Navigation Tree will now be sorted by Folders first, then Password Lists - in alphabetical order
Fixed
  • On the Hosts screen, using the paging buttons was clearing any filtering set on the page
  • Fixed an issue with AD Sync process where a circular loop of nested Security Groups could have caused the IIS process to spike CPU, or crash the Passwordstate Windows Service
  • After cloning a user's permissions and moving any Private Password Lists, the destination user would have received a database integrity error issue when trying to access any Private Password Lists
  • When searching from Passwords Home, it was possible that not all Password Lists your account had access to was being searched
  • Requesting access to Password Lists was broken, preventing adding of permissions if the request was approved
  • Fixed some issues to further protect against Cross Site Scripting issue (XSS) attacks
  • Some scheduled Account Heartbeats may have started failing as we overlooked inserting the correct license key for the Chilkat SSH component
  • For the 'Test Script Manually' feature, any SSH script using the Chilkat SSH component was failing, as we overlooked inserting the correct license key for this component
  • It was possible to upload documents at the Password List level when you only had Guest Access to the Password List
  • The Remote Session Launcher utility would not launch SSH sessions if the password had a comma or semicolon in its value
  • Reinstalling the Remote Session Launcher utility would cause remote sessions to fail as the PowerShell script being used was appending configuration settings on every reinstall
  • Fixed an issue where users may have been removed from an Active Directory Security Group during the scheduled AD sync process if there was a computer object within the group
  • Bulk Permissions for Password Lists would not list the available Password Lists if the TreePath field was NULL for one or more records
  • It was not possible to add a new Password Reset or Validation Script manually, unless you copied contents from a pre-existing script
  • An error message about the Privileged Account Credential for a non-trusted domain when resetting AD passwords could have occurred, preventing a password reset
  • The error message returned from Password Reset scripts if you forget to associate a Privileged Account with the Password Record, was still indicating you needed to associate the Privileged Account with the script itself
  • If using one of the Manual AD authentications screens, it was not reporting to the user that their account was disabled in Passwordstate
  • If your user account was disabled in Passwordstate, and you change the UserName field to another account in the AD Login screen, it would not let you authenticate with the second account
  • Certain password fields on various screens would not allow the use of special characters such as < and >
  • It was possible the password Recycle Bin could show an exception when you browse to it

Passwordstate 7.4 - Build 7434 (9th October 2015) Database Schema Updates in this Build

Updated Features

  • When adding new Password Lists or Folders, by default they can only be added beneath existing folders now
  • Surname for User Accounts in Passwordstate are no longer mandatory
Fixed
  • When searching for passwords in Passwords Home, some passwords may not have been found if Password Lists where nested beneath other Password Lists
  • When using the Copy or Move to Different Password List feature from Password Home or Folders, the popup screen would not close after performing the required action
  • Under certain conditions, an exception may have occurred when selecting one of the Actions dropdown menus, when using Internet Explorer or Firefox
  • If a user's Surname was NULL in the database, certain screens would not show the FirstName as well
  • Under certain circumstances, the once a day scheduled for synchronizing Active Directory Security groups was not working
  • Fixed an issue where importing user accounts from Active Directory may not have completed, if there were System Accounts being imported whose field lengths were too big for the Passwordstate database fields

Passwordstate 7.4 - Build 7426 (5th October 2015)

Fixed

  • We broke the ability to use the Request Access to Passwords feature in build 7422
  • Google GR Code was not being centered in the page for IE 9
  • Made some changes to overcome a SQL Timeout issue in Build 7422 when clicking on Passwords Home or a Folder
  • When viewing members of a Local Security Group, sorting by the User Name field was causing an exception

Passwordstate 7.4 - Build 7422 (30th September 2015) Database Schema Updates in this Build

Updated Features

  • You can now specify the Ping Packet Size for the Host Heartbeat feature
  • Made performance improvements to the Security Group and User Account cloning process as it relates to permissions for Password Lists
  • Various Notes fields now strip any Microsoft Office formatting when pasting from Word or Excel
  • Reduced the number of calls to the database significantly when clicking on Passwords Home of a Password Folder, which helps improves performance of page loads
  • Removed the old 'View Password Reset Tasks' icon from passwords records on the Passwords Home page to make it consistent with the View Passwords page
  • When using the 'Link to Password' feature for a Privileged Account Credential, we now show Title and Description so records are easier to identify
  • The notification for Annual Maintenance expiring will now only be visible to Security Administrators
  • Made changes to protect against inline proxy scanning tools manually manipulating querystring parameters
  • Any attempts to manually manipulate QueryStrings will now be redirected to a 404 page not found page
  • Set autocomplete="off" for all password textboxes so Firefox and IE do not remember previously typed values
  • Increased the default timeout on pages when cloning permissions for User Accounts or Security Groups
  • The option to convert Private Password Lists to shared is now hidden by default and customers must contact Click Studios to enable the option
  • Added an option to not show a list of Email Addresses on the Permalink screens for non Security Administrators
  • Set the ASP.NET Session Cookie as secure by default
  • Public Key authentication can now be used with Privileged Account Credentials to perform Password Resets in Linux Hosts
  • The Discovery Job process now queries all existing Password Lists to see if accounts already exist in them, instead of just the Password List specified in the Discovery Job
Fixed
  • When reading Self Destruct Messages, if the URL being accessed is not HTTPS, the user will be informed they need to use it
  • Using the 'Save and Add Another' button when creating a Folder was not clearing the screen to allow you to create another folder
  • When searching for User Accounts in the Administration area, to add to security groups or apply permissions somewhere, disabled User Accounts will not be returned as well
  • The page which informs the user they do not have an account in Passwordstate could have reported a blank UserID value
  • Restoring the default Reset Scripts for F5 BIG-IP and Dell iDrac was not working
  • Fixed an issue where an error may have occurred when deleting a Privileged Account Credential
  • It was possible to upload PSD files for branding on the System Settings screen, when only png, gif or jpg files should be used
  • Selecting Non Active Directory Accounts on the Privileged Account Credentials screen was not hiding the Check Password button
  • When moving a Password Record with individual user Permissions to a new List, Guest access was not being applied to the new list for those users
  • When deleting a password record on Passwords Home or a Folder, the Recent Passwords grid was not updating
  • The Recent Passwords grid was not showing records which had permissions applied via a security group
  • When setting an Account Type for a password record from 'Active Directory' account back to blank, it was possible all records in the Password List where not being displayed, or an exception was raised
  • When using the Bulk Permissions feature for Hosts, if you removed permissions to all Hosts for a user or security group, the Save button did not perform the action

Passwordstate 7.3 - Build 7393 (4th September 2015) Database Schema Updates in this Build

Important Changes

  • You must now have PowerShell 3 or above installed on your web server, otherwise your will experience a Server 500 error. Download from https://www.microsoft.com/en-au/download/details.aspx?id=40855
  • If you are using the Linux Password Reset script at all, you now need to have Microsoft's Visual C++ 2013 Runtime library installed on your Passwordstate web server - https://www.microsoft.com/en-au/download/details.aspx?id=40784
  • Host Types and Operating Systems have been set back to their default values. If you have added any of your own custom records here, you will need to do so again on the screen Administration -> Host Types & Operating Systems
  • Password Reset Scripts no longer need a Privileged Account Credential associated with them - this is applied at the password record level now if required
  • If you have modified any of the Password Reset or Validation Scripts provided by Click Studios, majority of these scripts have been set back to defaults in this build. It is now recommended that you create your own scripts for this purpose, and clone the contents from the default scripts we provide
  • If you have modified any of the Discovery Scripts provided by Click Studios, these scripts have been set back to defaults in this build. There are now options for the Discovery Jobs to include/exclude cetain accounts from the Local Administrators Discovery Job
  • If you have Host records currently added in Passwordstate, please review the new settings on the screen Administration -> System Settings -> Hosts tab
  • If performing Password Resets, please refer to the new KB Articles in the User Manual, found in the Help Menu
New Features
  • It is now possible for Failed Password Reset tasks to roll back the password value within Passwordstate
  • Added support for resetting passwords on F5 BIG-IP Load Balancers
  • Added support for resetting passwords on IBM's IMM out of band management cards
  • Added support for resetting passwords on Dell's iDRAC out of band management cards
  • Added an feature where various Password Reset and Validation tasks can be updated for multiple password records at once
  • Added a new Account Heartbeat feature where Password records can now be polled on a regular basis to ensure the passwords stored in Passwordstate match what is being used on the Host
  • Hosts can now be polled regularily to ensure they are on-line, with multiple options for setting the Host as Unmanaged, or to delete the Host record if not seen on the network for an extended period
  • Added the option to test Reset, Discovery and Validation Scripts within the Passwordstate interface, with your own test data
  • Added support for resetting passwords for Linux root accounts
  • Added a new report to query when a password value was last updated
  • When a password value is updated, we now track this date and provide a column in the Grids to view it
  • Added an option to retry failed Password Resets on a more frequent schedule
  • Added support for discovery other types of operating systems in Active Directory with the Hosts Discovery job
Updated Features
  • Password Reset Scripts no longer need a Privileged Account Credential associated with them - this is applied at the password record level now if required
  • The 'Bulk Update Passwords' feature is now only available to Administrators of Password Lists
  • When viewing access requests for password records, we now include the UserName field for the password record in the grid view as well
  • The dedicated Remote Session Launcher page no longer opens in a new tab in the browser, and you will return to this page if your session in Passwordstate ends
  • Made changes to Backup Settings screen to better explain backup and in-place upgrade account requirements
  • Added a 'Refresh Grid' button to the Auditing grid on each of the Password List pages
  • When users are adding Hosts into Passwordstate, they are now informed if the Host already exists - adding manually, importing and the API
  • Redesigned the 'View Password Reset Tasks' screen to see last Account Heartbeat status, and to initiate a Heartbeat Poll for Hosts and Accounts
  • Password Validation Scripts no longer need to have permissions applied to them in order to associate them with a password record
  • Made some changes to the main Vertical Menu System so the menu can be pinned when it is expanded
  • Added 2 new audit events for the regular account Heartbeat password validation process
  • You no longer need to specify a Description when adding Password Lists or Folders
  • When opening the Edit Password screen when navigating from the Administration area, you will now be redirected to the View Password screen
  • "Validate Passwords Are In Sync" actions menu item has been removed now regular schedules for Account Hearbeats can be configured
  • Added right mouse click Context Menu to Navigation Tree for creating folders and password lists
  • When adding passwords via the API, you can now also select the Validation Script to associate with the password if you choose to enable the password for performing resets
  • Added additional error checking to the Get-Resource.ps1 PowerShell script for better error capturing
  • When Adding/Editing password records, if Password Reset is enabled, the relevant Password Validation Script is now automatically selected when choosing the Account Type
  • Pattern matching for Password Generator Policy can now include Special Characters
  • Renamed some of the Custom Images, and added a few extra
  • When adding Custom Images, the Custom Image Name field will not be overwritten with the name of the file
  • When adding a Remote Session Credential query, you can now use wildcards for matching Host Names
  • Added a new System Setting option to turn off the popup 'Guided Tour' for new user accounts
  • A parent Password List/Folder will now automatically expand in the tree view when creating any nested Password Lists/Folders
  • Added an option to have all Folders collapsed by default when your first log into Passwordstate
  • Hosts can now be set to Unmanaged or Deleted if they are no longer found in any Active Directory OUs as part of a Discovery Job
  • When adding/editing a Remote Session Credential, you can now also search for password credentials by Title and Description fields
  • You can no longer delete any inbuilt Host Type or Operating System records
  • Discovery Job emails are now sent to users who have permissions to the Discovery Job, as opposed to any related Password Lists/Templates
  • Made some changes to better catch error exceptions - previously they could have been blank
  • Added additional Host Types, Operating Systems and redesigned the screen within the Administration area
  • The Windows Account validation script no longer needs to use a Privileged Account credential to validate the password is correct
  • You can no longer make changes to the contents of Inbuilt Reset & Validation Scripts
  • When adding/editing Reset and Validation Scripts, it now records who the author is and date updated
  • You no longer need to pick the Password Reset Scripts to associate with any Discovery Jobs
  • You no longer have to have permissions to Inbuilt Password Reset scripts in order to associate it with a Password and Host record
  • Added an option to force user to change password upon next log on when using Forms Based Authentication
  • With the Hosts Discovery Job, you can now apply permissions to newly discovered Hosts with either User Accounts or Security Groups, instead of copying permissions from a Password List or Template
  • Added an option to only look for certain named accounts when using the Local Administrator Discovery feature
Fixed
  • A background process was removing permissions from Folders if the folder had no nested Password Lists or Folders beneath it
  • When using Form-Based Authentication and email/pin MFA, the user was being logged out immediately after authenticating
  • User Accounts screen in Internet Explorer was showing contents center aligned when using small resolution displays
  • Fixed some UI width issues for Internet Explorer when displaying HTML fieldsets on various screens
  • Adding user accounts manually, or importing via csv file, was not allowing the UserID field to be of maximum length of 100 characters
  • The 'Folder Options' button was showing for the Passwords Home screen, when it shouldn't have been
  • If a Password Folder had no permissions applied to it, Security Administrator's couldn't fix permissions manually as all controls were disabled
  • When searching for passwords in a Password List with multiple pages, you could not navigate to the next page
  • Fixed an issue with Google Authenticator not prompting for access code when logging in as a different user
  • Newly created Local Login Accounts where being logged out immediately after they logged in for the first time
  • The Maintenance Renewal reminder link at the top of the screen could not find the renewal invoice in some cases
  • SSL Redirection was only occurring during initial authentication to the Passwordstate web site
  • Notes field text limit warning not showing when adding an initial 8000+ characters of text to a password record
  • Made several changes to prevent Cross Site Scripting attacks (XSS) by users intentionally saving malformed data in the database
  • Password List and Password Titles were missing within the body of the Permalink emails
  • Fixed an issue where the Active Directory User Account synchronization process may not complete due to a 'String or binary data would be truncated' error
  • The Mobile Client was expiring users sessions before the Idle Timeout setting was reached
  • It was possible Windows Hosts weren't being discovered if the AD Attribute lastlogontimestamp had no value stored in it
  • The Browser Extension fields could have been marked as mandatory fields when performing a CSV file import
  • It was possible to receive a 'malformed querystring error' on certain screens if a relevant field had an & symbol in it
  • When using API to create a new Password List, it could have apply the incorrect settings from a Template if also apply permissions from a Template
  • Received an error about the querystring being malformed when adding a Password List and clicking on the 'Save and Add Another' button
  • The 'Edit Password List Settings' menu option is no longer available for Private Password Lists within the Administration -> Password Lists screen
  • When Impersonating a User in Passwordstate, we now set the default home page to 'Passwords Home', in case the user has a Private Password List set as their default
  • When editing details for a Scheduled Report, the description of the report was not displayed unless you re-selected the report

Passwordstate 7.3 - Build 7316 (12th July 2015)

Updated Features

  • Made a couple of changes for cleaning up Folder permissions when Password Lists are deleted, or moved around in the Navigation Tree
  • Folder Options button is now visible to all users, regardless of their permissions on the folder
  • When cloning permissions from one user to another, and moving Private Password Lists as well, audited data for this move is now visible on the Administration -> Auditing screen
  • Resource Discovery Script now handles discovery of IIS Application Pools better, with improved error reporting
  • If a Password record has associated Password Reset Tasks, you are now only allowed to move this type of record into different Password Lists, instead of Copying them
  • Discovery Scripts have now been updated to ignore Managed Service Accounts (MSA)
Fixed
  • In build 7301 we introduced a bug were new Forms Based User Accounts could not initially authenticate, because they were being automatically logged out
  • Permalinks we're working when using AD Integrated Authentication, and Anonymous Authentication for the site was enabled in IIS
  • It was possible emails for Discovery Jobs, Password Resets and Password Validations where not being sent, due to the email category text having some words in uppercase
  • Manual AD and SecurID Authentication, and Email Temp Pin Code Authentication, was logging user accounts out immediately after they authenticated
  • When clicking on a Password permalink, it was not honouring any secondary authentication options applied to it's Password List
  • In Build 7301 we broke the ability to use the Bulk Copy/Move Password feature in the Administration area
  • When moving a password between Password Lists, this would change the value of a Permalink for the password
  • Certain Scheduled Reports where not being sent if the user did not have a Security Administrator role
  • It was possible to edit the details for a Discovery Job when you weren't granted access to do so

Passwordstate 7.3 - Build 7301 (3rd July 2015) Database Schema Updates in this Build

Updated Features

  • Added Windows 10 Host support for Discovery, Password Resets and Remote Session Launcher
  • Made several changes to support the use of Managed Service Accounts for connecting to the database, instead of SQL Server Logins
  • Searching of passwords can now be done with partial matches using multiple values as the search criteria
  • Made changes to further protect against SQL Injection attacks, or Cross-Site Scripting (XSS) attacks
  • Dropped the reference to InBuiltAccount for Privileged Account Credentials
  • Renamed the 'Password Reset Options' tab on the Add and Edit Passwords screen to 'Schedule'
  • When setting a user's account to expire, the date when the account is expiring is now added to the audit logs
  • Added 'View Password Reset Tasks' menu to Host records on the Passwords Home page
  • On the Add/Edit Password screen, various controls are now hidden if the Password field has not been selected to be used for the Password List
Fixed
  • When deleting a Password List or Folder, it was possible you may have seen a screen saying you no longer had access to this Password List or Folder
  • Was getting a "WRM cannot process this request" for Windows Resource Discovery as some hosts required the use of the -IncludePortInSPN parameter for Invoke-Command
  • Some of the Search boxes continued to show the search animation if the same value was searched more than once
  • When you are redirected to a screen to create a Google Authenticator Secret Key on initial login, the barcode was not centered correctly on the screen when using a small resolution
  • Add Password page was not being rendered correctly when clicking on the 'Save and Add Another' button while on the 'Notes' tab
  • Trying to save any changes to the 'Scheduled Task' password reset script was causing a server 500 error, preventing saving of the record
  • Fixed an issue where an error of "String or binary data would be truncated" may have occurred when trying to add records to the QueuedEmail table
  • A password record which was enabled for Password Resets was still showing an icon indicating it was associated with a Host, if the Host was set to 'Ignored' in Passwordstate
  • Password Reset Scripts should have had the option '-- Not Required --' for the Privileged Account you can associate with the script. This was missing for new installs of version 7.
  • When reading a Self Destruct Message, a error about "remote certificate is invalid" was shown when using a Self-Signed Certificate
  • When emailing a user a copy of the Google Authenticator Barcode, an Encryption error was displayed on this screen if the user did not have have Passwordstate open in the browser when they clicked on the navigation link in the email
  • Resetting of Scheduled Task passwords was failing if the Task had a single quote in the name
  • When a Password List has the option "Hide Passwords from users", it was still possible to see the password value by using the 'View & Compare History of Changes" menu option
  • Updated the Linux Password Reset script so that it will reset passwords correctly on RedHat Operating Systems
  • The Host Discovery process was discovery Hosts multiple times if the Host record did not have a dnshostname attribute

Passwordstate 7.2 - Build 7277 (30th May 2015)

Fixed

  • When navigating to a Password List from the Administration -> Password Lists page, it was saving the Password List as the one to return to when you logged in to Passwordstate
  • Fixed an issue introduced in Build 7273 where it was not possible to save a new password record if the Account Type field was left blank
  • Fixed an issue where it was possible for Security Admins to navigate to Private Password Lists from within the Administration area
  • Fixed a crash when filtering the Password List Navigation tree when searching with a single quote

Passwordstate 7.2 - Build 7273 (26th May 2015) Database Schema Updates in this Build

New Features

  • Added support for SafeNet Two-Factor Authentication for the Web UI and Mobile Client
Updated Features
  • Added an option where you can return to the last Password List you had shown on your screen, once you have been logged out of Passwordstate
  • Added the option to brand the Logo and Page Titles for the Mobile Client
  • Updated licensing features to support the new Global license option
  • Added reporting options to export a list of Password Reset Tasks for an entire Password List, or an individual password record
  • Added a new option to allow changing of a Password Lists image when copying settings from another Password List or Template
  • Added an option to prevent users from unticking the option 'Link this Password List to the selected Template' when set via a User Account Policy
  • The option to link a new Active Directory account to an existing one in another Password List now requires you to know the password for the account, and the linking happens when hitting the Save button
  • Made some changes to the Remote Session Launcher installer to try and overcome NTFS permission issues on files when installing as a non administrator
  • The list of Domains in the dropdown list on Authentication windows will now only return unique domain entries if duplicate domain information has been added to Passwordstate
  • When using the 'Export All Passwords' feature, any Password Lists configured to support the Browser Extension will now have the values of the Browser Extension fields exported as well
  • Added a new option to enforce a two-step authentication process when one of the two-factor options was selected and only Windows Authentication for the site in IIS is enabled
  • Browser Form Fields are now exported and can be re-imported for Password Lists configured to use the URL field
Fixed
  • Fixed an issue where selecting an additional Authentication Option for a Password List and clicking the 'Save and Close' button, was causing the site to be displayed in an iframe
  • Editing a user's settings on the screen Administration -> User Accounts, was clearing the Email Address field for where to send a Temporary Pin Code for authentication
  • Excessive Activity email notification was reporting on records in Private Password Lists
  • Some Exporting of Password features were exporting the ScriptID field when they shouldn't have been
  • On the Passwords Home page, "user" auditing data in the graph could have been incorrect on the timeline if some months had zero data to report
  • When the System Setting for preventing exporting passwords from Shared Lists was set, it was still possible to select this option on the Edit Password List Settings screen - exporting was disabled though
  • Custom page background color was not being displayed when logged out due to idle timeout being reached

Passwordstate 7.2 - Build 7253 (12th May 2015) Database Schema Updates in this Build

Updated Features

  • Added an option to convert Private Password Lists into Shared ones
  • Added the ability to delete or enable/disable User Accounts in bulk
  • Added a new Password Reset script for resetting the Enable Secret on Cisco devices
  • Made some changes to the Resource Discovery PowerShell script to exclude resources where the UserName field could have been returned blank
  • Made some improvements to the Passwordstate Windows Service so that newly uploaded images to the database can still be written to disk when using an Active/Active High Availability configuration
  • The selected Security Administrator roles are now added to auditing data when adding Security Admins, or updating their roles
Fixed
  • Fixed a 'Cannot have multiple items selected' error when browsing to an Active Directory login page, when the same domain had been added to Passwordstate more than once
  • Access the page Administration -> Emergency Access was sending an email alert indicating the Login Page was being accessed
  • Under certain conditions, it was possible to bypass a two-factor authentication option for a user if you did a Run-As in your browser, and then changing the account you are authenticating with
  • Was receiving a 'Cannot find a column with UniqueName Password' when Impersonating another users account, and the Recent Passwords panel on the Home Page was displayed

Passwordstate 7.2 - Build 7243 (6th May 2015) Database Schema Updates in this Build

Important Changes

  • With the changes in the performance of the AD Synchronization process, please ensure the LDAP Querystring for any domains on the screen Administration -> Active Directory Domains are pointing to the root of your domain so User Accounts and Security Groups can be found
Updated Features
  • Added support for resetting passwords on VMware ESXi accounts
  • Added support for resetting passwords on HP iLO accounts
  • Made significant speed improvements to the Active Directory Security Group synchronization process
  • Local Login Accounts, when using AD Authentication option, can now also use all the other authentication options built into Passwordstate
  • Added an option on the Manual AD Authentication screens to display a list of Domains which can be selected, instead of needing to type the domain prefix manually
  • Additional Authentication options are now available when you enable Anonymous authentication for the site in IIS - when using the AD Integrated version
  • Added a new AD Account and Security Group debug mode, and screen for viewing debug events
  • When using the AD Integrated version of Passwordstate, if a user tries to access the site and they don't have a registered account in Passwordstate, they will be redirected to the Manual AD login page so they can login with a different account
  • Made changes to the resource Discovery PowerShell script to support discovery of Scheduled Tasks nested in Folders
  • Updated the error capturing in the Scheduled Task password reset PowerShell script to better report on whether the new password or privileged account password was incorrect
  • Added an email alert when Security Administrators export all passwords from the Administration area
  • Made some changes to the Passwordstate Windows Service to overcome the intermittent issue of "Unknown error 0x80005008" and security groups being removed when the Active Directory Synchronization process runs
  • Made improvements to memory utilisation of the Passwordstate Windows Service when synchronizing many Active Directory User Accounts and Security Groups
Fixed
  • Made some changes to the Resource Discovery PowerShell script as Hosts without the option to execute PowerShell scripts enabled may have returned blank data
  • The Discovery PowerShell script was returning blank data if no Windows Services using accounts as their identity on Hosts with PowerShell 2 installed
  • Local Login Account authentication audit events where being recorded as Active Directory authentication attempts
  • When using Forms Based and SecurID Two-Factor Authentication, the UserID value was not being added to the auditing data
  • Duo Push Authentication was not working when the use of local Proxy Servers was required
  • Was receiving a 'Object reference not set to an instance of an object' error when trying to apply permissions for which user's were allowed to create API Keys for Password Lists
  • Fixed a 'String or binary data would be truncated' error if saving a Password List when the guide has more than 8000 characters of text specified

Passwordstate 7.2 - Build 7223 (18th April 2015) Database Schema Updates in this Build

Important Changes

  • With the upgrading of ZeroClipboard for improved security, you may need to clear your browser cache for the 'Copy to Clipboard' feature to work - either clear it through the browser menus, or hold the Shift key while you refresh the screen in Passwordstate
Updated Features
  • Added the ability to add, delete and search for Hosts via the API
  • Added a separate 'Allowed IP Ranges' feature for the API, so this can be locked down to different sets of trusted networks if required
  • Added a separate 'Allowed IP Ranges' feature for the Emergency Access Login page, so this can be locked down to different sets of trusted networks if required
  • Added an 'Outage Notification' Email Template and button so you can inform users of planned outages for Passwordstate
  • Added an option to email Security Administrators when a Password List is deleted
  • Added a new System Setting option for displaying the Account Types label next to the image in each of the Password Grids
  • Added the ability to view SecurityGroupID values on the screen Administration -> Security Groups
  • Added a new Password Generator API Key (System Settings screen) which now must be used for generator random passwords via the API
  • The automatic configuration of the Chrome Browser Extension no longer has a dependency on the Base URL field being accurate on the screen Administration -> System Settings
  • The Passwordstate Windows Service no longer relies on a registry key to determine the path to the web.config file
  • Updated to the latest version of ZeroClipboard for improved security - version 2.2.0
Fixed
  • The SuperPutty configuration file had an incorrect path as to where it should save it's settings
  • The Allowed IP Ranges feature may have prevented the use of the Chrome Browser Extension, depending on what network settings were specified
  • Fixed various Cross-site scripting (XSS) vulnerabilities as the result of an application penetration test
  • The 'Save and Add Another' button on the screen Administration -> Password Lists was not redirecting to the Add Password List page
  • Fixed an issue with the 'Aged Password Report' where it may not have been returning data for all password records
  • Using Security Groups to specify which users are allowed to use the Chrome Browser Extension was not working - only when specifying permissions based on User Accounts
  • Fixed a bug for the Host Discovery Job where the Tag field may have repeated the value of 'No longer found in' if the Host was moved to a different OU
  • When the Passwordstate Windows Service 're-enabled' a user's Active Directory account, it was not first checking if there were any available licenses to do so
  • The verification of the backup account used prior to upgrades occurring was failing if customers where using the Forms-Based authentication version of Passwordstate
  • Fixed an issue where the standard horizontal popup message at the bottom of the screen was not bottom justified when using the new Vertical menu system
  • If a Password List's options 'Hide Passwords from Users' and 'User Must Specify a Reason' were set, the Password column in the Home Page Search Passwords grid was showing two sets of data
  • The verification of the backup account used prior to upgrades occurring was failing if a local account was being used as opposed as a domain account

Passwordstate 7.2 - Build 7200 (28th March 2015)

Updated Features

  • Made significant performance improvements when automatic applying of permissions to upper-level folders needed to occur
  • Made some performance improvements when sending the Delta Permissions Report email
  • The Host Discovery process no longer checks for matches on HostType equals 'Windows'
  • The 'Link to Password' field for Remote Session Credentials is now hidden a user has not been given permissions to the credential
  • When using Forms Based Authentication, if the 'Denied Access Altogether' option is selected for untrusted networks, the user is now denied on initial login, not after they first authenticate
  • The Emergency Access login page will now return a 404 Error page if accessed outside of the 'Allowed IP Ranges' settings
Fixed
  • Reverted to previous version of Telerik ASP.NET Controls as the latest version was preventing pasting data from the clipboard into the Notes field for password records
  • After upgrading to Build 7185, the High Availability instance was reporting an UPDATE error for the UserAccounts table when trying to update the LastLoginDate field
  • Fixed an issue where the Passwordstate Windows Service could have caused high SQL Server CPU usage when sending emails for Password Lists which were nested deep in a Folder structure
  • The Passwordstate Windows Service was logging audit records as 'Access Updated' when it should have been 'Access Removed'
  • When only having a single Zone on the Passwords Home Page, the grid was not filling the width of the screen
  • When using Duo Push Authentication, it was possible a blank alert may have shown on the screen after authenticating
  • Pending password resets were visible to users who weren't granted access to the relevant hosts
  • The 'Allowed IP Ranges' authentication option, when outside the trusted networks, was only working if Passthrough Authentication was selected on the System Settings -> Authentication Options tab
  • Was receiving a 500 Internal Server Error when viewing a Self Destruct Message, only if the email wasn't sent from Passwordstate i.e. the copy to clipboard icon was used instead

Passwordstate 7.1 - Build 7185 (19th March 2015) Database Schema Updates in this Build

Updated Features

  • To configure the Chrome Browser Extension now, all you need to do is browse to the Passwordstate web site and it will configure itself - no more specifying the URL, UserID and API Key
  • Added two auto logout timers for the Chrome Browser Extension - when the user closes their browser, or when the browser has been idle for (x) minutes
  • Made some changes to the Chrome Browser Extension to eliminate the need to upgrade Passwordstate every time the Extension is updated
  • Security Admins can now choose which Users are allowed to save new web site logins with the Browser Extension
  • Security Administrators or Users can now choose which URLs are ignored by the Browser Extension, preventing saving of new logins for the given URLs
  • Added an option where 'View' permissions to a Password List can create new password records
  • Added 'Last Login Date' field on the screen Administration -> User Accounts
  • Updated to the latest build of Telerik's ASP.NET Controls
  • When sending Auditing data to a syslog server, the client IP Address is appended to the end of the syslog description field
  • Added a popup alert if there are any Failed Password Reset Tasks on the screen Hosts -> Pending Password Resets which may require your attention
  • Added additional error checking to 'Validate Password for Windows Account' PowerShell script, to ensure a Privileged Account Credential has been associated with it
  • When applying permissions to a Privileged Account Credential, a check is first made to ensure you have specified the UserName and Password for the account
  • Added some checks on the System Settings page to check AuthAnvil and Duo Push settings are specified before selecting one of these authentication methods
  • Added a new System Setting option to prevent users from exporting passwords from Shared Password Lists
  • Made some changes to the Remote Session Launcher Utility so the 'Remember my credentials' option is not selected for RDP sessions
  • Added an option to pause for (x) seconds between synchronizing Active Directory Security Groups
  • Made some changes to the Self Destruct Message feature, where the message can be viewed (x) number of times, and an email is sent to the user who generated the message on it being viewed
  • Added a new audit events for requesting,denying and approving access to Passwords and Password Lists
  • Added the option to add multiple Security Groups at once
  • When using the AD Authenticated version of Passwordstate, users outside of your internal network can now view Self Destruct Messages
  • Added a System Setting to have the default option of automatically linking or not new Password Lists to a Template if copying of settings from the Template is selected
  • Included UltraVNC VNCViewer 1.2.0.5 as the latest VNC client for the Remote Session Launcher utility
  • Added a check to ensure duplicate Bad Passwords can't be added on the screen Administration -> Bad Passwords
  • Added a filtering header to certain grids in the Administration area to allow easier searching
  • Increased the Field Length for filtering Hosts on the Remote Session Credentials screen
  • Browser Extension and Remote Session Launcher now has their own tabs on the Preferences screen
  • Masked and disabled some data on the Preferences screen when a Security Admin is impersonating a user's account
  • The Temporary Pin Code Email Address is now auto-populated when new accounts are added to Passwordstate
  • When a password record is of type 'Active Directory', then the UserName label will now show Domain\UserName
  • Increased the Field Length for filtering Hosts on two of the Discovery Jobs screens
  • Provided Templates for Permalink Text and Self Destruct Message Text
  • When using the Remote Session Launcher, if the password being used has the 'Provide a Reason' setting, then you must do this before logging in with these credentials
  • When saving new Passwords with the Chrome Browser Extension, the Password Lists are now sorted alphabetically by the TreePath
  • Added SuperPutty as the default SSH client for the Remote Session Launcher utility
  • Added an icon on the Edit Password screen to launch a new browser tab for the URL field
  • Password Reset script for Linux has been updated to include conditional processing for different Operating System types
  • Added OperatingSystem variable for Password Reset scripts so conditional processing in the script is possible for different Operating Systems
  • On the Backup and Upgrade Settings screen, add a button to validate the domain account being used has a valid password
  • Added a new System Setting option to hide the ability to manage permissions manually on folders
  • Added the ability to apply permissions to Remote Session Credentials, and share the credentials with other users
  • When performing an In-Place Upgrade, we now validate the account/password being used for the backups is still valid and not blank
  • When adding an Active Directory account password, if the account is found to already exist in Passwordstate, you are given the option of linking the two
Fixed
  • For the 'Bulk Permissions for Individual Passwords' feature, an error message was displayed if you were not a Security Administrator of Passwordstate
  • Adding a Host Discovery Job record may have resulted in a JavaScript error after adding an OU, preventing certain clicking functions on the screen from working
  • Renamed the UserID for the Passwordstate Windows Service from WindowService to WindowsService
  • Added some checks to ensure either the Alphanumerics or Word Phrased options where selected for Password Generators, before you can generate passwords or save policy records
  • Administration -> Auditing screen may have returned zero results when filter on Audit Activities, as the Activity Type was automatically being deselected
  • Was receiving a "'Date2' cannot be converted to type 'Date'" error when impersonating a user when using Forms-Based Authentication
  • Self Destruct Message may not have added Auditing data to reflect which Password record was contained within the message
  • Fixed an issue where Password Lists were not showing on the screen Administration -> Password Lists, if the TreePath field value was NULL
  • Some session variables weren't being refreshed when using Form-Based Authentication, and saving some changes to your Preferences screen - required you to log back in to pickup changes
  • Made some changes to the Export All Passwords feature to overcome the report crashing if values like 5,4,3 were stored in a field - these we're trying to be interpreted as date fields
  • Any selected settings on the 'Password List Options' tab for a User Account Policy, were not highlighted Red showing the setting was in use
  • If connecting to en existing empty database during initial install, the database connection test would fail in the database name had a dash in it i.e. '-'
  • The 'Spell Password' icon was showing in to top toolbar when logged in as the Emergency Access account
  • Fixed an issue where it was possible to bypass the ScramblePad authentication login if your Pin Number was currently blank
  • Fixed some Passwords Home page UI issues when using a very small resolution
  • Fixed an issue with Google Authenticator where we query if the User Account exists now before we present the screen to create the Secret Key QR code
  • Fixed an issue where the correct authentication option for an account was not presented if the UserID was changed on the initial login screen
  • Error capture page for AD User or Security Group querying was not reporting the correct AD attributes
  • Fixed an issue where popup screens would not resize correctly when using small resolution monitors
  • Hosts & Password Resets screen in Administration area was showing black border around icons when using Internet Explorer 9

Passwordstate 7.1 - Build 7123 (30th January 2015)

Updated Features

  • Increased the default TimeOut value when trying to send emails
Fixed
  • During a new install, the initial user account was not being created when using Forms Based Authentication, preventing logging into Passwordstate
  • Description for 'High Availability Site Accessed' was incorrect

Passwordstate 7.1 - Build 7120 (21st January 2015) Database Schema Updates in this Build

New Features

  • Added support for changing Com+ Component passwords
Updated Features
  • The Remote Session Launcher utility can now be used by multiple users on the same computer - requires reinstall of Utility
  • The 'Expiring Passwords Report' now has an option to only report on expiring passwords in the future, instead of both with the past
  • Added a System Setting option to show the Build Number at the top of the screen for All Users, or just Security Administrators
  • Limited the number of rows for the 'Recent Activity' grid on the Password List pages to improve performance
  • Added the ability to view/change User Email Notifications via the screen Administration -> User Accounts
  • Added a 'Maximum Records' textbox to Auditing screens to limit the number of records returned - to help improve performance
  • Added the Remote Session Launcher instructions to the main Help menu
Fixed
  • The Email Notification Groups feature was unreliable and confusing depending on the settings
  • Reset Windows Service Password PowerShell script may not have reported the relevant Host name if the Windows Service could not be found
  • The 'Run Discovery Job Now' feature was setting the job schedule incorrectly if the current time was 59 minutes
  • Fixed a database timeout issue when navigating to the page Administration -> Auditing, if there were an excessive number of records to return
  • Fixed a database time-out error when trying to upgrade to version 7
  • The 'Toggle All Password List Visibility' menu option wasn't working if accessed when the Passwords menu was manually expanded on the screen
  • The Export All Passwords feature was giving a 'Object reference not set to an instance' error if not options where selected on the screen before running the report

Passwordstate 7.1 - Build 7105 (12th January 2015) Database Schema Updates in this Build

New Features

  • Added a Simulation Mode for each of the three Discovery features
  • Added a Scheduled Password Validation Report to check if the passwords stored in Passwordstate match what is currently in use on the various hosts
Updated Features
  • Added the option to disable a User's account when they no longer belong to any Active Directory security groups in Passwordstate
  • Added an email alert for Security Administrators if the automatic AD Sync Process was still running the next time the scheduled was met - could indicate an issue
  • Added an option to convert a Private Password List into a Shared one
  • Added some popup guidance windows to each of the 'Discovery' feature screens if the prerequisites haven't been met for adding discovery records
  • Added various System Setting options for showing, hiding or masking passwords on the Compare Password History screen, and for disabling the Actions menu item for this screen
  • Made some changes so the URL Mismatch popup window no longer appears
  • Added a new option where you can insert your own JavaScript code into the main default.aspx page - useful for your own usage tracking and reporting
  • Added the option to CC other users when emailing Scheduled Reports
  • Upgrades now check if SQL Transactional Replication is currently in place before an upgrade commences. If so, reminds the user that it must first be deleted if there are any schema changes
  • Added a new Password Validation script for Active Directory accounts, so it could be used in conjunction with the new scheduled report
  • Added the option to retrieve documents via the API
  • Added the ability to link a Password record with a Password Validation script
  • Using the 'Remote Session Launcher with these Credentials' Passwords menu item now allows you to search for hosts using the 'Tag' field
  • Added an option to Time-Based Access to password records to reset the password when the permissions were removed
Fixed
  • The Spell Out Password feature may not have displayed the whole password on the screen correctly if the password value contained HTML tags
  • The use of Password Validation Scripts was too restrictive when used in conjuction with custom Password Reset Scripts
  • The 'Password Reset' option for passwords records was not being copied across to other Password Lists when using the Cop/Move feature

Passwordstate 7.0 - Build 7086 (21st December 2014)

Updated Features

  • Chrome Browser Extension has improved site awareness when clicking through multiple open tabs
  • Added the button 'Toggle ID Column Visibility' on the screen Administration -> Custom Images, as this is helpful for the API
Fixed
  • The 'Authentication Credentials' email template was missing for new installs of version 7
  • Fixed an issue where some customers were seeing duplicate records on the SecurityGroupsMembership table
  • Fixed a 'primary key constraint' issue when the Passwordstate Windows Service tried to add a new user as the result of a security group synchronization
  • One-Time Access for an individual password was not executing any associated Password Reset tasks for non Active Directory accounts
  • When manually launching a Remote Session from a specific password record, the Tag name was being passed with the Host Name prevent the remote session from working
  • Creating a password via the API was not inheriting password reset features from the Password List the record was being added to
  • A 'Record Not Found' error was displayed when trying to add a Host Discovery job when no Active Directory Domains where added to Passwordstate

Passwordstate 7.0 - Build 7077 (12th December 2014) Database Schema Updates in this Build

Updated Features

  • Submitted the Chrome Browser Extension to the Google Play store
  • Added a 'Last Access vs Updated Report' for User Accounts to report on which passwords they have access to, and whether they have accessed them since the password was last updated
  • Added a new option which allows Security Administrators to grant themselves access to Password Lists via the Administration area
  • Provided the option where a User Preference or User Account Policy for copying settings/permissions from a Template to newly created Password Lists could be overridden
  • Added a new 'Inactivity Time Out' setting for clients whose IP Address was not in the Allowed IP Ranges
  • Selecting the reports 'All Passwords Report' or 'All Password History Report' will now add one 'Password Viewed' record for each password exported
  • Added additional error checking to PowerShell scripts to detect if a Privileged Account Credential has been associated with the script
Fixed
  • Clicking on the Default Password Generator policy after a fresh install of version 7 was giving a 'DBNull to Boolean' error
  • 'Logon' button for Manual AD and Duo Push Authentication option was wrapped to the next line in Internet Explorer
  • The List Administrator's Actions dropdown list may not have shown it's menu items if the list was positioned at the very bottom of the page
  • Under certain conditions, the authentication option chosen for client IP Addresses outside of the Allowed IP Ranges may have been ignored
  • Password Reset Script for Cisco & Linux accounts may have complained about 'Cannot access a disposed object' even after a successful reset
  • Using the 'Manual Credentials for Remote Session Launch' menu item was not working for domain accounts, only local accounts
  • The feature to restore default script settings for Oracle password validation and resets was not working
  • Any additional Authentication steps for a Password List where being ignored if the Password List was flagged as a favorite, and you navigated to it from the Passwords Home page

Passwordstate 7.0 Beta 6 - Build 7062 (27th November 2014)

Fixed

  • Some customers may have experienced a data integrity issue when clicking on Password Lists, when permissions were applied via Security Groups

Passwordstate 7.0 Beta 5 - Build 7061 (25th November 2014)

Fixed

  • Fixed an issue where the domain portion of a Users ID may have been detected incorrectly when synchronizing security groups - happened if the user accounts where in a different domain to that of the security group
  • Remote Session Launcher for RDP protocol was not allowing authentication using local accounts - only domain ones

Passwordstate 7.0 Beta 4 - Build 7059 (22nd November 2014) Database Schema Updates in this Build

Updated Features

  • You can now perform a Remote Session Launch from the Actions menu for a password record, and manually specify the Host and remote session type connection
  • Added a 'Tag' field to Hosts records, so you can categorise them, search them, or create Discovery Job records based on them
  • Discovery Jobs for Hosts can now populate the Tag field with the OU the Host belongs to
  • You can now compose a Self Destruct Message for individual password records
  • For Host Discovery Jobs, added the option to Lookup the FQDN for OUs and Containers
  • The Active Directory OUs for Host Discovery Jobs can now have the option to either recurse nested OUs, or not
  • Added 'View Password Reset History' for password records to view the history or any reset tasks, and the value of passwords for them
  • The Search Textbox in the toolbar at the top of the page will now search through all passwords you have access to, regardless of what Password List you may have selected
  • When copying/moving passwords between Password List, the filter for Password Lists now behaves the same in the main navigation tree
  • Added Auditing data for Self Destruct Messages being sent and read
  • Added a new option to either show all Hosts the user has access to on the Passwords Home and Remote Session Launcher pages, or to instead make them search for them
  • Added an option to hide the setting 'Show all Hosts added to Passwordstate' on the Hosts and Resources screen
  • 'Actions' menu items for Password records have now been sorted alphabetically
  • Increased the size of the DatabasePortNumber and RemoteConnectionPortNumber for Hosts records
  • Added some additional error checking to Password Reset Scripts to detect if PowerShell 3 was not installed on the Passwordstate web server
  • For Forms Based Authentication, provided an option where users don't need to regularly change their login password
  • For Discovery Jobs, added more granular control for the schedule in which to execute the job
Fixed
  • Fixed an issue where the domain portion of a Users ID may have been detected incorrectly when synchronizing security groups - happened if the user accounts where in a different domain to that of the security group
  • Fixed an issue where potentially a 'Could not load Telerik.Web.UI assembly' error could occur for certain Password Lists after upgrading to version 7
  • Recent Hosts grid could have shown Hosts which were set to be ignored
  • For 'Database' Server hosts, the Port Number may not have saved successfully
  • Made some internal changes for the Chrome Browser Authentication Key to see if it resolves an issue when using Russian language settings on the web server
  • Clicking on a Host could have resulted in a 'String to Boolean is invalid' error if the Host was added via a Discovery Job
  • The Mobile Client may have reported the Passwordstate web site was in need of an upgrade - issue introduced in Build 7019
  • Fixed error 'Method invocation failed because of method named Gettype' when discovering Local Administrator accounts
  • Cloning a Folder was causing a 'Operator = is not defined for type DBNull' when clicking on a Password List

Passwordstate 7.0 Beta 3 - Build 7033 (9th November 2014) Database Schema Updates in this Build

Updated Features

  • Multiple Active Directory OUs can now be associated with a Host Discovery Job
  • The Password Generator feature in the top toolbar can now be used to search passwords on the Home Page, Folders and Password Lists
  • Chrome Browser Extension now highlights the toolbar icon with a different color if multiple logins for a web site is detected - allowing you to chose which credentials to use
  • If no new records are found when a Discovery Jobs executes, this will be reflected in the email sent instead of an empty table
  • Added additional error checking for incorrectly specified Active Directory OUs in Discovery Jobs
  • Made the 'Login Attempt Succeeded" audit message for the Browser Extension a bit more obvious it was for authenticating to the API
Fixed
  • Host Name was missing from auditing data when apply permissions to the Host
  • Could not apply/remove permissions to Privileged Account Credentials for 'All Users and Security Groups'
  • When clicking on the 'Test Permissions' button on the Backup Settings page, the progress indicator was not showing if the option to not perform backups before In-Place Upgrades was checked
  • When using Forms-Based Authentication option, the 'Security Administrator' role was not being applied to new Security Administrator accounts, even if it was selected
  • Fixed a couple of UI issues when using the In-Place Upgrade feature
  • The new PasswordstateApps application pool could have selected the .NET Framework 2, instead of 4
  • Fixed an issue where some customers were getting a blank page or server internal error when trying to use the Self-Destruct Message feature
  • Fixed a NullReferenceException error when clicking on the 'Screen Options' button for a Password List which did not have the Username field associated with it

Passwordstate 7.0 Beta 2 - Build 7019 (5th November 2014) Database Schema Updates in this Build

New Features

  • Added support for resetting Oracle account passwords
Updated Features
  • Duo Push authentication will now automatically log you in once you have accepted the Push Notification
  • Added the option to make the Duo Username read-only on the authentication screen
  • Chrome Browser Extension will now show you the Tree Path for a Password List when saving new records
  • Chrome browser extension will now save the Title of a page into the Description field
  • Mobile Client now reports generic login failure messages on the screen for improved security
  • Have now made it easier to configure the browsers to support the Custom Protocols needed for the Remote Session Launcher utility
  • The PSLauncher.exe file has now been digitally signed using a www.digicert.com Code Signing Certificate
  • All Passwordstate .exe installer files have now been digitally signed using a www.digicert.com Code Signing Certificate
  • Made the naming of buttons and menu items for linking of Passwords, Hosts and Reset Scripts to be more consistent and logical
  • Added some additional checks to ensure a PowerShell script was selected when linking Hosts -> Scripts -> Passwords
  • Added some buttons on the Reset and Validation Scripts screens to easily navigate to the 'Community Scripts' section of our forum
  • Added Help menu, build information, and a few UI improvements to the Chrome Browser Extension
Fixed
  • Fixed an issue on 32bit servers for a System.Data.SQLite error
  • When selected users for the Handshake approval process for new permissions applied to Password Lists via the Administration page, it was possible your own account was being disabled as one of the approvers
  • Clicking on the 'Add Linked Resource' button for a Host record would produce an 'Object reference not set to an instance of an object' error
  • Fixed a bug where it was possible to experience a database timeout error when upgrading from Build 5458 or earlier
  • Remote Session Launcher feature may not have been working if execution of PowerShell scripts on the user's desktop was disabled
  • The Remote Session Launcher popup window in the browser may not have been successfully closed once remote session was initiated

Passwordstate 7.0 Beta 1 - Build 7000 (25th October 2014) Database Schema Updates in this Build

New Features

  • New Chrome Browser extension for form filling web sites
  • Added support for changing passwords on various remote Windows systems - Windows Services, IIS Application Pools, Scheduled Tasks and Local Account Passwords
  • Added support for changing passwords on Microsoft SQL and MySQL Servers
  • Added support for changing passwords on various remote Unix and Network hosts
  • You can now automatically discover Windows Hosts on your network, Local Administrator Accounts, and Windows Services, IIS Application Pools and Scheduled Tasks which are using accounts as their identity
  • Added the ability to validate Passwords are correct for Local Windows Accounts, MS SQL & MySQL Accounts, Linux and Network Hosts
  • Added support for creating your own PowerShell scripts to execute on a password change event
  • Added Duo Push Two-Factor Authentication support
  • Remote Session Launcher for automatically logging into hosts via RDP, SSH, Telnet or VNC
  • Added a new Vertical Navigation Menu, in addition to the Horizontal one. The navigation menu type can now be set system wide, users can choose their own, or it can be set via User Account Policy
  • Passwordstate can now be themed with different colors
  • New Dashboard Layout for Password Home and Folder pages - allows you to choose which panels to display, and where
  • New Favorite Password Lists feature, whereby favorites can be easily filtered in the Navigation Tree
  • New "Self Destruct Message" feature for sending time-bombed messages to other users
Updated Features
  • Generic Fields can now be configured as URL fields as well
  • Added the ability to encrypt any one of the Generic Fields you can select for Password Lists
  • Added the feature to spell out passwords in the format of tango echo yankee foxtrot, etc
  • Add Google Authenticator and Duo Push two-factor authentication support for the mobile client
  • Added option to Password Lists to ensure passwords are not visible or can be copied to clipboard
  • Added option to force users to use the Password Generator associated with a Password List
  • Updated User Account Policy settings to allow new Password Lists to be based on an existing Template - for both Shared and Private Password Lists
  • Users password, using Forms based authentication, will now expire after a set period, and password reuse is prohibited
  • Added various Folder and Password List methods to the API
  • It's now possible to send specific email notifications to a generic email address
  • When managing Password permissions from the Administration area, you can no longer apply/modify permissions for your own account, or for any Security Groups you're a member of
  • Users can no longer modify their own Security Administrator roles, or add roles for themself
  • Removed spaces around back slash from the TreePath value for all Password Lists
  • List Administrators Actions dropdown list now has menu items sorted alphabetically
  • System Settings tabs have now been ordered alphabetically
  • Added Department and Office fields for User Accounts, with Active Directory Synchronization updating these fields automatically
  • Each of the main Navigation Menus can now be hidden from users, instead of just disabled. We've also added controlling all menus items
  • Scheduled Reports now have an option to not send the report if there is no data to report against
  • The API now supports deleting password records
  • Permalinks for Password Folders has now been added
  • Added the option to exclude performing a backup prior to any In-Place Upgrades taking place
  • Added the option to export all Shared passwords into a KeePass compatible csv file
  • Email Temporary Pin Code authentication option has now been enabled when Anonymous Authentication in IIS has been enabled for the AD Integrated authentication version
  • Active Directory Authentication for the Mobile Client has now been moved to the API so a dedicated server hosting the Mobile Client web site does not need to be joined to the domain
  • Modify rights for a Password List can now access additional menu options in the List Administrator Actions dropdown list
  • Added an option to display a popup window for a Password List's Guide every time users access the Password List
  • Any System Settings for cloning settings and permissions from Templates to new Password Lists have now been moved to User Account Policies
  • One Time Access for permissions can now synchronize passwords for Active Directory Accounts, and initiate any associated Password Reset Tasks
  • Added a System Wide option to prevent the uploading of documents into Passwordstate
  • Passwordstate can now be used without an email server if needed, with certain features being disabled
  • Added the ability to generate random passwords based on a pattern of alphanumeric characters
  • 'Password Synchronization' audit events have been renamed to 'Password Reset'
  • Filtering in the Navigation Tree can now also filter on Folders names
  • Added additional error capturing to the API for HttpStatusCode of InternalServerError (500)
  • Improved performance of page loads by removing the count total for various menu items under the Grid's Actions menu
  • Provided greater detail in the AD Synchronization Report
  • Screen Options for Password Lists and Folders has now been changed to a popup window
  • Password Generator Icon within the Search Textboxes on each page has now been moved to the top header panel on the main page
  • When deleting a Password List, the confirmation popup now tells you what Password List you have selected to delete
  • You can now exclude specific letters and numbers in the Password Generator results
  • When using IE, the clipboard clearing timer is reset if a password is again copied to the clipboard why the timer was active
  • Email alerts from the High Availability instance of Passwordstate are now queued, instead of being sent real-time
  • High Availability instance of Passwordstate now adds its own auditing data, which can also be reported against
  • Added the option for various API calls to exclude the Password field from being returned, resulting in to Auditing records being added
  • Added the ability to see all Private Password Lists on the screen Administration -> Password Lists. Only feature available with this is deleting the Password List
  • Moved all 'Administration' navigation menu items to their own Navigation Tree
  • Allow different Privileged Account Credentials for different AD Domains for synchronizing password changes
  • API and Mobile Client web sites now have their own IIS Application Pool
  • Added additional Pie Chart color options for Password pages
  • Auditing Graphs are now available to non Security Administrators as well
  • Synchronizing of AD user accounts and security groups will no longer execute if an existing process is running
  • Installer now provides the option to add a firewall exception for the selected web site port
  • New Security Administrator Report
  • API Key can now be included in the header request instead of the URL
  • Once the initial Enterprise license trial expires, you're now given an option to extend the trial instead of just disabling or deleting any excess user accounts
  • Added a check prior to starting any upgrades to ensure the required Session Variables hadn't expired due to the page being left open too long
Fixed
  • Some Auditing Activities for various 'platforms' was not being shown correctly for Scheduled Reports
  • Mobile client was ignoring User Account Policy settings
  • Auth Anvil authentication was not working when Anonymous Authentication in IIS was selected - when using AD Integrated authentication
  • When the option to prevent exporting of all Passwords in a Password List was selected, the Bulk Update features was not disabled
  • User Account Policy conflict check wasn't checking for the last user in the query
  • API would not allow calls to Private Password Lists when using the API Key from the Private Password List
  • HTTPS redirection wasn't working for various authentication options until after the user was authenticated
  • Under certain circumstances, a Scheduled Report of type 'Custom Audit Report' may not save the correct Audit Activity
  • Under certain conditions, a Pending Access Request popup reminder window may have shown when you didn't have the required Security Administrator role
  • ScramblePad Authentication option was allowing users to log in when the initial Pin Number wasn't set
  • When a Generic Field of type Password was displayed in the grid and the field was blank, it was preventing copying the password field value to the clipboard
  • Under certain conditions the Password Generator may create duplicate passwords when generating large quantities of them
  • Enumerated Permissions Report was showing passwords in the recycle bin
  • When using Forms-Based Authentication, the ability to manage Security Administrator roles was disabled/hidden
  • Filtering in the Passwords Navigation Tree was not working if Password Lists were nested beneath other Password Lists
  • Searching from the Passwords Home page may have returned zero results if the previous search was was displaying a different Page Index in the grid
  • Could not manually add an AD Security Group with the same name on different domains
  • When upgrading from version 5, it was possible to receive an error about dropping a column in the TreeViewState table
  • When upgrading from Builds prior to 5458, it was possibly to receive an error about the Expanded field in the TreeViewState table not being allowed NULL values
  • The initial resetting of a password for a forms-based User Account was allowing the Confirm Password to be different
  • Could not close the 'View Password' window when viewing from the Auditing menu at the bottom of the screen
  • Edit Password screen was not sizing correctly if the descriptive text at the top of the screen was too long.
  • Notes field had no scrollbar for large content
  • Fixed a UI issue where an icon was shifting on the Add Password List Permissions page when you clicked on a User or Security Group