The Release Notes provide a summary of new features and changes since the last release. The Release Notes can help you evaluate whether an upgrade is necessary.
Current release: 8.21.21147.1
- Added new feature for masking phone numbers in Secure Service Desk.
- Added new feature for displaying and sending enrollment link from Secure Service Desk.
- Okta verify is now available as a quick verification in Secure Service Desk.
- Service desk settings page has an updated design.
- A new placeholder for user first name is now available when editing notifications.
- The default selected scope is now empty when running the Gatekeeper installation wizard. If the root is selected a warning will now be displayed.
- Adding images to notifications could fail without useful error message.
- Signing out from admin will now also sign out the user from Service Desk.
- The icons presented next to password/passphrase rules have been changed and should now be aligned with SPP password change UI. This should also improve visual feedback for people with color vision deficiency, since the icons now differ in both shape and color.
- Admin and Service desk policies are now identical by default.
Released June 09, 2021
- Added support for YubiKey as an identity service.
- Added support for showing rules/phrases in order as configured in Specops Password Policy (Only for users affected by Specops Password Policy).
- Improved error message during if user with ‘must not change password’ set in Active Directory attempts to reset/change their password.
- Enrolling with the Duo identity service could result in an error message.
- Improved user feedback when Duo has been configured to bypass two-factor authentication.
- Improved user feedback when a user has inactive/disabled/locked devices for Symantec VIP.
Released April 27, 2021
- Improved user experience for the Symantec VIP identity service.
- Added support for ‘quick verification’ to Symantec VIP from service desk.
- Added option to configure custom verification URL for service desk
- Improved usability when entering phone number for the Mobile Code identity service, in particular for Internet Explorer users.
- Active Directory domain name with underscore (‘_’) was not fully supported.
- Integrated Windows Authentication could fail from Edge.
Released March 09, 2021
- Certain top level domain names, (e.g. .at/.ac) were not supported when signing up or adding new domain names.
- ‘Required’ flag on questions when configuring the Q&A id service was not always saved.
Released February 15, 2021
- Domain verification is now enabled by default for new installations.
Released January 13, 2021
- Okta Verify: To prevent API tokens from going stale if not used for 30 days, these will now be refreshed by Specops Authentication after 20 days.
- Added support for traditional Chinese as a user interface language.
- Added support for PingID as an identity service.
- Changing/Resetting password could fail for users with short sAMAccountName (1 or 2 characters).
- Gatekeeper: Changed event id 239, for rejected password resets, to informational level instead of warning.
- From Internet Explorer, some identity services could fail unexpectedly due to too many redirects.
- Secure Service Desk: Added device selection for Duo identity service.
- Secure Service Desk: Loading user could fail if mobile attribute override was set to displayName or other commonly used attribute.
- Added domain name to unenrolled users report.
Released November 17, 2020
- Gatekeeper: Added additional eventlogging around user counting.
- After unlocking account and getting signed out, customizations were not shown.
Released November 04, 2020
- Gatekeeper: password resets could be handled incorrectly for users affected by password policy containing minimum password age setting, depending on time zone.
- Changing user interface language in Secure Service Desk did not always work.
- After a user had unlocked their account, if locked out from Active Directory, the user was able to unlock again without having to re-authenticate.
Released October 23, 2020
- Duo identity service now supports Auth API. This gives a better and more integrated user experience. Existing Duo configuration must be upgraded to bring this to end users.
- Quick verification has been enabled in Secure Service Desk for the Duo identity service. This requires configuring the Duo identity service to use Auth API.
Released September 30, 2020
- After authenticating with Fingerprint app on iOS, the Fingerprint app could fail to return to the originating browser.
- Authentication with Windows Identity could get stuck with a spinning wheel, never completing.
- Better indication if a user account in Active Directory has a malformed userPrincipalName.
- Users whose password had expired in Active Directory, could sometimes not change the password without doing a reset.
- User counting could be misleading in cases with multiple Active Directory domains.
- PowerShell modules were not signed.
Released September 08, 2020
- Bug fixes
Released August 06, 2020
- Bug fixes
Released August 06, 2020
- Fixed an issue where notifications for insufficient enrollment sometimes took longer to send or failed.
Released July 29, 2020
- Fixed an issue where displaying the text messages report took you to an error page.
Released July 21, 2020
- Added new cmdlet Clear-SAGatekeeperCache to clear Gatekeeper cache, to conform with what already is supported from admin tools.
- Added lockout settings for Mobile Code, Email and Personal Email identity services.
- Added notifications on admin web pages to indicate if there is a new Gatekeeper version available.
- Length of identity verification session is now configurable and displayed to Service Desk agent.
- Added configurable MFA policy for password change.
- Added option to customize name of Windows Identity id service.
- Added Service Desk setting for enforcing user to change password at next logon after reset, either mandatory or selected by Service Desk agent.
- Browser’s password manager could unexpectedly try to save password.
- Certain firewalls could drop connections while processing requests from browser to Specops Authentication.
- Improved usability of customization UI with display name instead of identifiers.
- Made cmdlets install with Admin tools instead of the Gatekeeper.
- Enterprise admins are now granted permissions to users’ sub-object. This does not apply to already existing sub-objects.
Released July 21, 2020
- Gatekeeper Admin – Added PowerShell cmdlet Update-SpecopsAuthenticationUrls to update ‘useful links’ URLs from cloud to AD settings container.
- Gatekeeper Admin – added PowerShell cmdlet New Update-SpecopsAuthenticationGatekeeperAdminTools to install Gatekeeper admin tool MSI.
- Added option for Service Desk agent to reset a user’s password to a generated password, without being able to see the generated password.
- Enabled Quick Verification (email) for identity verification in Service Desk.
- Enabled customization of text messages from mobile code id service.
- Added missing translations for some languages.
- Gatekeeper – After upgrading Gatekeeper, tabs in the admin tool were not always updated.
- Changed Email ID services to use time-based one-time password to improve usability and security.
- Fingerprint app on iOS could fail to resume correct web page after authenticating.
- Improved filtering for Service Desk statistics.
- Added support for Okta preview and EMEA domains.
- Added missing translations for Q&A page.
- If all default Q&A questions had been removed, it was not possible to add additional languages.
- Additional information about user displayed when opened in Service Desk.
- Added monitoring logging for user locked out of an Identity Service that a user can get locked out of (Mobile Code, Secret Questions, Email Id Services)
Released May 19, 2020
- Added a Trusted Network Location identity service which can be used to increase the authentication weight for requests from selected IP addresses.
- Added support for restricting user enrollment only from trusted network locations.
- Added support for not presenting Captcha for users connecting from trusted network locations.
- Added Email identity service for verification with email stored in Active Directory.
- Added Quick Verification identity service for verification using personal email address.
- • Added Service Desk (formerly User Management) with user identification enforcement, and the ability to unlock user’s computers when locked with Bitlocker or Symantec Encryption.
Released April 29, 2020
- Simplified enrollment process for end users.
- Improved usability for mobile code identity service.
- Added option to configure security level for user enrollment process to fit different organizations’ needs.
Released April 22, 2020
- Updated requirement for Gatekeeper and Gatekeeper admin tools to .Net Framework 4.7.2.
- Added cmdlet to list users lacking enrollment for a specific id service (Get-SAUnenrolledUsers)
- Blocking regions could fail if the region selected didn’t have a locale in the operating system where Gatekeeper admin tool was running
- Start page for a user incorrectly showed the Change password button, even if the change password feature was disabled
- Improved error message from enrollment cmdlet if the user was outside scope
- Fixed an issue where user data wasn’t always removed when removing a user’s enrollment
Released March 10, 2020
- New start page for users, listing actions a user can take.
- User management could display inaccurate value for “Time until password must be changed.”
- Added fallback language for customized text.
- User management pages are hosted on their own URL. Links from the admin tool will go there. Saved bookmarks will redirect to the new URL.
- Gatekeeper could unexpectedly switch between domain controllers, causing replication issues resulting in end user getting a “That took a bit too long” error message.
- If Gatekeeper fails to reset a user’s password, event log message has been set to warning level (previously information level).
- Gatekeeper Admin Tool: Improved error messages if migrating users from uReset 7.x fails.
Released January 23, 2020
- Added a Geoblocking feature that allows you to filter incoming requests based on geographical location (see Geoblocking for more information).
- Improved error messaging in case of Gatekeeper activation failure.
Released October 16, 2019
- Added option to configure default country code for Mobile verification enrollment
- Clarified allowed username formats when user is asked to enter username
- User Management
- Improved performance of user details page
- Added information about key recovery events to user details page
- Password start page
- Will now load color and logo customizations
- New unlock button if user only needs to unlock account
- Landing page improvements
- Only end user links to the left
- Added link to Key Recovery
- Fixed issues with Gatekeeper failing to activate due to proxy configuration and improved troubleshooting for Gatekeeper connectivity
- Fixed issues with saving uReset notifications
Released September 18, 2019
- Added three new languages: Polish, Korean and Czech
- Added support for migrating a single user from uReset 7 in addition to the batch version
- Fixed bug where migration from uReset 7 failed in some scenarios
- Fixed issue with not being able to select and copy text on the customization page
- Added missing Email column to exported not enrolled users report
- General stability imporvements
Released August 27, 2019
- Added support for customization on landing pages.
- Added various missing information in logs for Specops Key Recovery.
- Fixed bug in Specops Authentication PowerShell CmdLets when domain name was shorter than 3 characters.
- When used with Specops Password Policy, fixed issue with unsatisfied password dictionary rule displaying incorrect information message.
Released July 25, 2019
- Added Specops Key Recovery for BitLocker.
- Fingerprint usability improvements when authenticating on a mobile device.
- Various fixes for multiple AD domain environments.
- Fixed bug when exporting CSV of not enrolled users report.
Released June 19, 2019
- Updates to customization functionality in Specops Authentication Web. These customization improvements make it easier to change the look and feel of the Specops Authentication end-user interface, including colors, text, and logos. For more information, see here.
- Mobile Bank ID is enabled for customers using the EU data center from 8.5 onwards.
Released May 20, 2019
- Various improvements for customers using the uReset feature in Active Directory environments with multiple domains.
Released May 8, 2019
- Support for Specops Key Recovery: This is a self-service solution for unlocking encrypted computers. If a user is locked out at the pre-boot screen, they can use Specops Key Recovery to unlock the computer, without needing to call their organization’s helpdesk. For more information, click here.
Note: To use Specops Key Recovery, you must have a Specops Key Recovery license.
Released April 16, 2019