The Release Notes provide a summary of new features and changes since the last release. The Release Notes can help you evaluate whether an upgrade is necessary. For the Specops Authentication Client Release Notes, click here.
- Added support for multiple push devices for the Okta identity service.
- Added support for Kerberos Integrated Authentication.
- Fixed issues when setting up Gatekeeper using gMSA.
- For some ID services, the "back" button could be missing, preventing user from changing to another ID service.
- Users can now unlock an account, even though Change Password is not currently allowed.
- Deleting Trusted IP ranges now requires confirmation.
- Deleting a geo-blocked country now requires confirmation.
- Logging clarifications for Azure AD password resets.
- Improved message in Gatekeeper Admin when checking for new version if the latest version is downloaded but not installed.
- Logo for Google Authenticator updated to reflect changes from Google.
Released August 29, 2023
- Authentication with Swedish Mobile BankdID could fail unexpectedly.
Released August 16, 2023
- Changed default account type for Gatekeeper installation to Managed Service Account.
Released July 10, 2023
- Added support for Freja eID as identity service.
- Added new setting to make it possible to disable push notifications for the Fingerprint identity service.
- Added support for running Gatekeeper service with Group Managed Service Account.
- Improved usability for self service resets/changes if rejected from a third party password filter in Active Directory.
- Showing IP address to end user if getting blocked because of trusted network requirement.
- Updated the M365 integration to use Microsoft Graph API instead of MSOnline.
- Fixed an issue where creating a Gatekeeper could sometimes fail.
- Added a banner for cloud accounts describing the account restrictions
Released June 27, 2023
- Minor bug fixes.
Released June 02, 2023
- Added support to reset password in Azure AD for synced accounts.
- Added support for Duo OpenID Connect integration, that includes support for Duo Verified Push and more.
- Updated the Readme file for scripted installation of Gatekeeper.
- The change password link that is visible when entering the wrong password is no longer visible if uReset is disabled or if the user is not enrolled.
- The styling is now aligned with that of the dynamic feedback at password change found in the Specops Authentication Client shared with Specops Password Policy.
- All users' proxy email addresses are now disallowed from being used with the Personal Email identity service.
- The phone number for cloud accounts will now always be masked.
- Fixed issue when counting user enrollments for Manager Identification and a Manager was being out of scope.
- Made improvements to the enroll session links for enrolling cloud accounts. The enroll session links can now also be revoked.
- Added support for domain used for RSA SecurID Federal (United States) in Specops Authentication cloud configuration.
Released May 30, 2023
- The Mobile BankId identity service now implements the secure start, users must scan a qr code to start the authentication.
- Added a new step to the Gatekeeper installation wizard; new step includes the possibility to add members to security groups during installation.
- Added a new step to the Gatekeeper installation wizard; new step includes the possibility to select a Domain Controller to be used during the installation.
- Gatekeeper icons have been updated to follow the new color scheme.
- Fixed issue where Breached Password Protection statistics were not sorted in the same order as other products.
- Added a column with local time to the audit report export.
- For customers with Gatekeeper SMTP configured, emails can now be sent to email addresses that exist outside of the customer domain.
- Improved messaging when doing a password reset through Secure Service Desk and the user has an email address with a non-verified domain.
- The texts and buttons on the password start page can now be customized.
- Fixed issue where a loading overlay could cause identity service configuration pages to become unresponsive.
Released April 04, 2023
- Added new powershell cmdlet Get-SpecopsAuthenticationGatekeeper to resolve which gatekeeper should be used, depending on priority and connection state.
- Added new mobile code setting that allows country code prefix to be resolved by using the user's IP address.
- Added support for disabling SMS/Email notifications when resetting a user's password from Secure Service Desk. The UI for configuring Password reset options for Service Desk in Authentication Web portal has been re-designed to support this.
- Added support for customizing the name of the following identity services:
- Mobile Code
- Personal Email
- Manager Identification
- Secret Questions
- Windows Identity
- Added new Caps Lock warning to relevant input fields.
- Added support for configuring a domain as preferred. The preferred domain is used when saving enrollment and other direct links listed in the Gatekeeper Admin Tool.
- Added support for hiding the user's personal email address from service desk agents in Secure Service Desk.
- Fixed issue where enrolling users through powershell could break when having multiple gatekeepers.
- Fixed issue where deleting/moving an Admin user out of scope could prevent further logins.
- Fixed issue where the selected phrases/password tab was not remembered correctly when using SPP together with uReset.
- Users can no longer enroll for the Personal Email identity service using their work email.
- "VPN-less password reset with cached credential update" is now enabled by default for new customers.
- Powershell scripts used for scripted installation will now always be signed.
- Secret Questions will no longer be included in the default policies for new customers.
- Simplified the gatekeeper installation wizard.
Released March 06, 2023
- Added support for Norwegian as a user interface language.
- Fixed issue where customers could get unexpected errors because an email provider was not configured correctly.
- Fixed issue where certain phone numbers were not considered to have correct format and could not be used with Mobile Code. Also fixed issue with not being allowed to input phone numbers without country code.
- Added some missing French translations.
- Improvements to handling of unresponsive domain controllers in multiple domain environments.
Released February 07, 2023
- Added SMTP email support for sending emails through the gatekeeper.
- Added support for customizing the "You are already enrolled" text.
- Added new setting for requiring unique answers to Secret Questions.
- Fixed an issue where cmdlet Get-SAUnEnrolledUsersIdentityService didn't return all unenrolled users.
- Fixed issue with Mobile Code where the default country code (+1) didn't work correctly when selecting Canada.
- The Gatekeeper Admin tool has been updated to use a new color scheme.
- Service Desk will now display an error message the Specops Password Policy policy includes a regex and can't auto generate passwords.
- All text messages will now be prefixed with the company name.
- Improved how Active Directory domain controller is discovered.
Released December 14, 2022
- Fixed issue with Symantec Endpoint Encryption Connection Status incorrectly showing “Not Configured”, when actually working.
Released November 24, 2022
- Twitter identity service disabled due to security concerns.
Released November 22, 2022
- The Office 365 tab in the Gatekeeper Admin Tool will not be visible anymore for customers without the Office 365 subscription.
- Secret Questions - Added additional logging when a user provides the wrong answer or is locked out of the Secret Questions identity service. The logs are created by the Gatekeeper and can be retrieved by the customer.
Released November 08, 2022
- Minor bug fixes.
Released October 03, 2022
- Added support to tag GPOs for managed users in Secure Service Desk. By tagging GPOs for managed users, only users targeted by tagged GPOs will be available in Secure Service Desk. License count will also be based on tagged GPOs.
- Fixed issue where the "Clear cache on All gatekeepers" button could show up twice.
- A new Secure Service Desk tab has been added to the Specops Authentication Gatekeeper Admin Tool. Secure Service Desk-related configuration has been moved/duplicated to this tab.
- Improved experience for cancelling a Mobile Bank ID authentication.
- Added support for customization of texts for RSA Token and SecurId app code description.
- Fixed issue with Admin reporting showing an error message to run user counting, even though it had already run.
- Fixed issue with text color not being set correctly (white), when customizing background color to black.
- Added informational message for reporting enrollment ratios when no data could be found.
- The uReset Feature setting in the Specops Authentication Gatekeeper Admin Tool has been moved, the setting is now called "Allow password resets" and can be found on the Active Directory tab.
Released September 26, 2022
- Added improved logging for communication between gatekeeper and backend.
- Fixed issue with manual user counting not working for customers with only Service Desk subscription.
Released September 08, 2022
- Fixed an issue where Enrollment Ratio details was not shown in some cases, even though data was available.
Released August 23, 2022
- Duplicate entries no longer displayed when viewing auditing and events.
- Statistics will be accurate from 1st August onwards.
Released July 12, 2022
- Stability fixes.
Released June 15, 2022
- Added support for adding enrollments from Secure Service Desk.
- Added support for using Manager identification in Service Desk as a quick verification.
- Added support for configuring Okta to always start on the menu page instead of automatically sending a push or SMS.
- Changed the name of "RSA SecurID" to "SecurID".
- Improved messaging in Secure Service Desk when user has an email domain that isn't verified. It will now be clearer when an email can't be sent.
- Improvements to the Gatekeeper Admin Tool. Active Directory Group names have been changed to more correctly reflect their usage. The Security groups section has been replaced by two new sections, "Administrative security groups" and "Service accounts security groups". The uReset tab now also has a link to Enroll.
- Default texts for "Send email" and "Send text message" in Secure Service Desk, can now be customized.
- Improved text color calculation when customizing background colors. Color contrast between background and text should now be better and more consistent.
- Company logo is no longer clickable.
- Fixed issue in Secure Service Desk user details, where the link to a user's manager could be missing.
- Improvements to policy editing. Identity services are now automatically sorted on add/remove. The list of selected identity services can be sorted on any column. Add/remove by clicking anywhere has now been replaced with add/remove buttons. Newly added but not saved identity services will also be highlighted.
- Improvements to Manager Identification in Secure Service Desk when using it as an advanced verification.
- Improved page navigation for uReset/Change Password tabs in the Admin portal. Editing a Change Password policy and saving it should now return the user to the Change Password tab.
Released May 30, 2022
- Added new customer setting to enable Okta SMS support. This setting must now be enabled to add SMS support in Okta.
Released April 26, 2022
- Added SMS support to the Okta identity service. Also renamed the identity service to Okta (previously Okta Verify) to better reflect the supported factors.
- Fixed a rare issue where users could receive an "Session expired" message when authenticating for an identity service.
- Password reset/change could fail with a message in the event log about "Method not found".
Released April 11, 2022
- Added new security group for "Reporting readers". Members of this group will have access to the reporting pages in the Specops Authentication Web.
- Customers can now add a custom "from address" to emails being sent from Secure Service Desk and the Email identity service.
- New passwords can now be sent to a user's manager or to a custom email address when resetting a password from Secure Service Desk.
- Recovery keys can now be sent to a user's manager or to a custom email address when unlocking a computer from Secure Service Desk.
- Improved error message that users receive when trying to authenticating from outside of trusted networks while not being enrolled with enough id services.
- Improved email message when verifying a user by email from Secure Service Desk.
- Gatekeeper could not be installed on systems with Intel gen 11 CPUs.
Released March 23, 2022
- Gatekeeper Loading user could fail, and eventlog showing error with event id 2005.
Released March 02, 2022
- Minor bug fixes.
Released February 16, 2022
- User history did not always display the name ("Performed By") of the service desk agent performing actions on the user.
- Improved support for Active Directory forests with multiple domains.
- When installing additional Gatekeepers, the already configured Active Directory scope settings were not always picked up and had to be re-selected.
- PowerShell cmdlets could fail with error message "Method not found" related to json serialization.
Released February 10, 2022
- Added ability for administrators to add scopes without having administrator privileges in those scopes. Administrators with the correct privileges can fix the scope status in the Gatekeeper Admin post-addition.
Released January 11, 2022
- Added support for importing IP ranges for Trusted Network Locations from file.
- Improved Specops Fingerprint enrollment information, also added a link to the app store.
- New customizable text on the password start page, the text about Password Reset and Password Change can now be customized.
- Fixed issue with emails containing apostrophe not working in the Password Reset app.
- Editing AD scopes no longer requires permission to all AD scopes, having permissions to the AD scope that is being edited is enough.
- Fixed typo in cmdlet name for Mobile Code (SMS) enrollment.
Released December 09, 2021
- Added authentication methods to support new ID service.
Released November 30, 2021
- Improved error handling when setting up Microsoft 365.
Released November 18, 2021
- Added GPO mode support for Change Password.
- Added option to disable enrollment notification during user counting.
- Changed default value for policy configuration to suggest GPO mode over cloud policy by default.
Released November 08, 2021
- New option to store mobile number in user's subobject. If this is enabled, the mobile number is stored encrypted, not accessible from Active Directory.
- New cmdlet Add-SAMobileCodeEnrollment to enroll users with the Mobile Code (SMS) identity service.
The Add-SAIdentityServiceEnrollment cmdlet no longer supports to enrolling for 'MobileCode'. Use Add-SAMobileCodeEnrollment instead.
- The change password button could unexpectedly be disabled.
- When customizing the menu background, the text color could be difficult to see.
- When configuring where Gatekeeper saves attributes in Active Directory, only single-valued attributes were allowed. Now also multi-valued attributes can be used.
- New button to "remove all" identity services when editing a policy.
Released October 19, 2021
- New report to show enrolled users.
- Service desk agent could not provide new password for users without email or mobile number set in AD. The new setting "Allow manual password override" now enables this, if the setting is enabled.
- Improved confusing error message if typing invalid code during enroll with Personal Email id service.
- Prefer Duo Security push devices and show device selection when using landline.
- New cmdlets for ”tagging” Group Policies: Get-SAGpo/Clear-SAGpoTag/Set-SAGpoTag.
- Changed Mobile Code (SMS) default to show "part of number" instead of the entire number.
Released September 14, 2021
- Features not enabled in a subscription could be clickable, but not working, and cause confusion to end users.
- Gatekeeper could get in a non-responding state where service restart was needed.
Released July 28, 2021
- Added new feature for masking phone numbers in Secure Service Desk.
- Added new feature for displaying and sending enrollment link from Secure Service Desk.
- Okta is now available as a quick verification in Secure Service Desk.
- Service desk settings page has an updated design.
- A new placeholder for user first name is now available when editing notifications.
- The default selected scope is now empty when running the Gatekeeper installation wizard. If the root is selected a warning will now be displayed.
- Adding images to notifications could fail without useful error message.
- Signing out from admin will now also sign out the user from Service Desk.
- The icons presented next to password/passphrase rules have been changed and should now be aligned with SPP password change UI. This should also improve visual feedback for people with color vision deficiency, since the icons now differ in both shape and color.
- Admin and Service desk policies are now identical by default.
Released June 09, 2021
- Added support for Yubikey as an identity service.
- Added support for showing rules/phrases in order as configured in Specops Password Policy (Only for users affected by Specops Password Policy).
- Improved error message during if user with 'must not change password' set in Active Directory attempts to reset/change their password.
- Enrolling with the Duo Security identity service could result in an error message.
- Improved user feedback when Duo Security has been configured to bypass two-factor authentication.
- Improved user feedback when a user has inactive/disabled/locked devices for Symantec VIP.
Released April 27, 2021
- Improved user experience for the Symantec VIP identity service.
- Added support for ‘quick verification’ to Symantec VIP from service desk.
- Added option to configure custom verification URL for service desk
- Improved usability when entering phone number for the Mobile Code (SMS) identity service, in particular for Internet Explorer users.
- Active Directory domain name with underscore (‘_’) was not fully supported.
- Integrated Windows Authentication could fail from Edge.
Released March 09, 2021
- Certain top level domain names, (e.g. .at/.ac) were not supported when signing up or adding new domain names.
- ‘Required’ flag on questions when configuring the Q&A id service was not always saved.
Released February 15, 2021
- Domain verification is now enabled by default for new installations.
Released January 13, 2021
- Okta: To prevent API tokens from going stale if not used for 30 days, these will now be refreshed by Specops Authentication after 20 days.
- Added support for traditional Chinese as a user interface language.
- Added support for PingID as an identity service.
- Changing/Resetting password could fail for users with short sAMAccountName (1 or 2 characters).
- Gatekeeper: Changed event id 239, for rejected password resets, to informational level instead of warning.
- From Internet Explorer, some identity services could fail unexpectedly due to too many redirects.
- Secure Service Desk: Added device selection for Duo Security identity service.
- Secure Service Desk: Loading user could fail if mobile attribute override was set to displayName or other commonly used attribute.
- Added domain name to unenrolled users report.
Released November 17, 2020
- Duo Security identity service now supports Auth API. This gives a better and more integrated user experience. Existing Duo Security configuration must be upgraded to bring this to end users.
- Quick verification has been enabled in Secure Service Desk for the Duo Security identity service. This requires configuring the Duo Security identity service to use Auth API.
Released September 30, 2020
- After authenticating with Fingerprint app on iOS, the Fingerprint app could fail to return to the originating browser.
- Authentication with Windows Identity could get stuck with a spinning wheel, never completing.
- Better indication if a user account in Active Directory has a malformed userPrincipalName.
- Users whose password had expired in Active Directory, could sometimes not change the password without doing a reset.
- User counting could be misleading in cases with multiple Active Directory domains.
- PowerShell modules were not signed.
Released September 08, 2020
- Bug fixes
Released August 06, 2020
- Fixed an issue where notifications for insufficient enrollment sometimes took longer to send or failed.
Released July 29, 2020
- Fixed an issue where displaying the text messages report took you to an error page.
Released July 21, 2020
- Added new cmdlet Clear-SAGatekeeperCache to clear Gatekeeper cache, to conform with what already is supported from admin tools.
- Added lockout settings for Mobile Code (SMS), Email and Personal Email identity services.
- Added notifications on admin web pages to indicate if there is a new Gatekeeper version available.
- Length of identity verification session is now configurable and displayed to Service Desk agent.
- Added configurable MFA policy for password change.
- Added option to customize name of Windows Identity id service.
- Added Service Desk setting for enforcing user to change password at next logon after reset, either mandatory or selected by Service Desk agent.
- Browser’s password manager could unexpectedly try to save password.
- Certain firewalls could drop connections while processing requests from browser to Specops Authentication .
- Improved usability of customization UI with display name instead of identifiers.
- Made cmdlets install with Admin tools instead of the Gatekeeper.
- Enterprise admins are now granted permissions to users’ sub-object. This does not apply to already existing sub-objects.
Released July 21, 2020
- First release of Secure Service Desk as a standalone product.
- Gatekeeper Admin – Added PowerShell cmdlet Update-SpecopsAuthenticationUrls to update ‘useful links’ URLs from cloud to AD settings container.
- Gatekeeper Admin – added PowerShell cmdlet New Update-SpecopsAuthenticationGatekeeperAdminTools to install Gatekeeper Admin Tool MSI.
- Added option for Service Desk agent to reset a user’s password to a generated password, without being able to see the generated password.
- Enabled Quick Verification (Email) for identity verification in Service Desk.
- Enabled customization of text messages from Mobile Code (SMS) id service.
- Added missing translations for some languages.
- Gatekeeper – After upgrading Gatekeeper, tabs in the admin tool were not always updated.
- Changed Email ID services to use time-based one-time password to improve usability and security.
- Fingerprint app on iOS could fail to resume correct web page after authenticating.
- Improved filtering for Service Desk statistics.
- Added support for Okta preview and EMEA domains.
- Added missing translations for Q&A page.
- If all default Q&A questions had been removed, it was not possible to add additional languages.
- Additional information about user displayed when opened in Service Desk.
- Added monitoring logging for user locked out of an Identity Service that a user can get locked out of (Mobile Code (SMS), Secret Questions, Email Id Services)
Released May 19, 2020
- Added a Trusted Network Location identity service which can be used to increase the authentication weight for requests from selected IP addresses.
- Added support for restricting user enrollment only from Trusted Network Locations.
- Added support for not presenting Captcha for users connecting from Trusted Network Locations.
- Added Email identity service for verification with email stored in Active Directory.
- Added Quick Verification identity service for verification using Personal Email address.
- Added Service Desk (formerly User Management) with user identification enforcement, and the ability to unlock user’s computers when locked with Bitlocker or Symantec Encryption.
Released April 29, 2020
- Simplified enrollment process for end users.
- Improved usability for Mobile Code (SMS) identity service.
- Added option to configure security level for user enrollment process to fit different organizations’ needs.
Released April 22, 2020
- Updated requirement for Gatekeeper and Gatekeeper Admin Tool s to .Net Framework 4.7.2.
- Added cmdlet to list users lacking enrollment for a specific id service (Get-SAUnenrolledUsers)
- Blocking regions could fail if the region selected didn’t have a locale in the operating system where Gatekeeper Admin Tool was running
- Start page for a user incorrectly showed the Change password button, even if the change password feature was disabled
- Improved error message from enrollment cmdlet if the user was outside scope
- Fixed an issue where user data wasn’t always removed when removing a user’s enrollment
Released March 10, 2020
- New start page for users, listing actions a user can take.
- User management could display inaccurate value for “Time until password must be changed.”
- Added fallback language for customized text.
- User management pages are hosted on their own URL. Links from the admin tool will go there. Saved bookmarks will redirect to the new URL.
- Gatekeeper could unexpectedly switch between domain controllers, causing replication issues resulting in end user getting a “That took a bit too long” error message.
- If Gatekeeper fails to reset a user’s password, event log message has been set to warning level (previously information level).
- Gatekeeper Admin Tool : Improved error messages if migrating users from uReset 7.x fails.
Released January 23, 2020
- Added a Geoblocking feature that allows you to filter incoming requests based on geographical location (see Geoblocking for more information).
- Improved error messaging in case of Gatekeeper activation failure.
Released October 16, 2019
- Added option to configure default country code for Mobile verification enrollment
- Clarified allowed username formats when user is asked to enter username
- Improved performance of user details page
- Added information about key recovery events to user details page
Password start page
- Will now load color and logo customizations
- New unlock button if user only needs to unlock account
Landing page improvements
- Only end user links to the left
- Added link to Key Recovery
- Fixed issues with Gatekeeper failing to activate due to proxy configuration and improved troubleshooting for Gatekeeper connectivity
- Fixed issues with saving uReset notifications
Released September 18, 2019
- Added three new languages: Polish, Korean and Czech
- Added support for migrating a single user from uReset 7 in addition to the batch version
- Fixed bug where migration from uReset 7 failed in some scenarios
- Fixed issue with not being able to select and copy text on the customization page
- Added missing Email column to exported not enrolled users report
- General stability improvements
Released August 27, 2019
- Added support for customization on landing pages.
- Added various missing information in logs for Specops Key Recovery .
- Fixed bug in Specops Authentication PowerShell CmdLets when domain name was shorter than 3 characters.
- When used with Specops Password Policy , fixed issue with unsatisfied password dictionary rule displaying incorrect information message.
Released July 25, 2019
- Fingerprint usability improvements when authenticating on a mobile device.
- Various fixes for multiple AD domain environments.
- Fixed bug when exporting CSV of not enrolled users report.
Released June 19, 2019
- Updates to customization functionality in Specops Authentication Web . These customization improvements make it easier to change the look and feel of the Specops Authentication end-user interface, including colors, text, and logos. For more information, see here.
- Mobile Bank ID is enabled for customers using the EU data center from 8.5 onwards.
Released May 20th 2019
- Various improvements for Active Directory environments with multiple domains. Customers affected by multi-domain issues are recommended to upgrade their Gatekeeper.
- Support for Breached Password Protection Express when used with Specops Password Policy 7.1 and later. The Breached Password Protection Express rule will be displayed to users when they change their password.
- Support for length-based password aging when used with Specops Password Policy 7.1 and later. The length-based password aging setting will be displayed to users when they change their password.
Released May 15, 2019
- Support for Specops Key Recovery : This is a self-service solution for unlocking encrypted computers. If a user is locked out at the pre-boot screen, they can use Specops Key Recovery to unlock the computer, without needing to call their organization’s helpdesk. For more information, click here.
Released April 16, 2019
- Administrators can redirect the Specops Password Reset mobile app, so that it points to Specops uReset 8 and above, instead of Specops uReset 7.12 or Specops Password Reset applications.
- When signing up for a Specops uReset 8 account, administrators can now choose either the European (EU) or North American (NA) data center.
- Added domain name protection in URLs. This prevents an account from being accessed using a registered domain name. When this is enabled, all references to a domain name in application URLs are replaced by obfuscated IDs.
- Some users were not being moved, when attempting to migrate them from Specops uReset 7.12 to Specops uReset 8.0.
- If a Manager Identification request cannot be sent (because of missing or invalid email addresses), end-users will now receive a report notifying them.
- If a user sees the User must change password at next login flag, they are now guided to the Change Password page when trying to use their password within Specops Authentication .
- Improved error handling for session timeouts. When a session timeout occurs, users can now click a button to return to where they started.
Released February 28, 2019
- The version number has been incremented from 7.12 to 8.0.
- uReset customers upgrading from version 7.12 or earlier will need to migrate their enrollments. Contact your account representative for more information.
- Fixed an issue in which the online dictionary rule wasn’t displayed when users reset or changed passwords.
- Gated MFA – This function makes it possible to protect one identity service with the help of another to prevent misuse. For example, this requires users to enter a Mobile Code (SMS) before being allowed to sign in with their password.
- The minimum length for Secret Questions can now be configured by each user.
- The Symantec VIP Identity service now supports auto-enrollment.
Released November 14th, 2018
- Password change support on the Authentication Web .
- Support for authentication with the EFOS/SITHS identity service.
- Support for displaying the Breached Password Protection rule during password change. This is applicable to Specops Password Policy customers with the Breached Password Protection add-on.
- Support to sign-in with email address/samAccountName on the Authentication Web .
- Setting to disable Captcha in the ADAL Browser.
- New contact information fields during account creation.
- Option to Test Connection with the Duo Security identity service.
- Support for different Active Directory attributes when configuring the Duo Security, and Symantec VIP identity service.
- Default “User must change password at next login” setting when a user password is reset from the User Management pages on the Authentication Web.
- Automatic sign-out from the Authentication Web (following a password reset/change, or 30 minutes of inactivity).
- Option to configure the maximum weight (star assignment) of an identity service.
- End-user verification with one-time SMS code from the User Management pages on the Authentication Web .
- Setting to allow Administrator and User Management users to be outside the scope of management.
- Configurable auto/manual enrollment for the Mobile Code (SMS) identity service. If auto enrollment is selected, users with a mobile number in Active Directory will be automatically enrolled with the Identity Service.
- Various improvements to the Migration Wizard.
- Various improvements to the user experience, including a new top navigation menu, and additional information on several pages on the Authentication Web , and the Gatekeeper Admin Tool .
- Option to remove the “Unicode” password rules text displayed to the end-user during a password change.
Released October 23, 2018
- In some scenarios, the end-user received a “Failed to validate captcha” error during authentication and had to try again.
- Accessing the Enrollment page from the Client menu shortcut, results in a “can’t reach this page” error on older versions of Microsoft Edge.
Released July 25, 2018
- New shared web interface and Gatekeeper with Specops uReset . You can access both products from a single interface and allow users to extend their multi-factor authentication enrollments to verify themselves during a password reset. For more information, contact your account representative.
- Language support for Dutch, French, German, Russian, Spanish, Swedish, Simplified Chinese, Japanese, Portuguese.
- Support for multiple Active Directory domains in the same forest.
- Delegated permissions for Gatekeeper installation. Gatekeepers can now be configured by a user that does not have administrative permissions on the domain level. The user can configure Specops Authentication for an organizational unit where they are an administrator.
- Added drop-down for picking country code when using the Mobile Code (SMS) identity service.
- Redundacy with multiple gatekeepers (if using the new Authentication Gatekeeper).
- The Helpdesk interface has been redesigned and renamed to User Management.
- Added option to allow the end-user to enter their North American local numbers, without entering a country code, when using the Mobile Code (SMS) identity service.
- Improved design for the Specops Authentication start page.
- In some scenarios, the end-user received multiple mobile codes when using the Mobile Code (SMS) identity service.
- Various improvements to the user experience, including for some error scenarios.
Released July 18, 2018
- Added cmdlets for administrator enrollment.
- Swedish language support.
- In some scenarios, when multiple Gatekeepers were installed, Gatekeepers with lower assigned priorities were used when a Gatekeeper with a higher assigned priority was available.
- During authentication, the company logo in the ADAL browser linked to the Specops Authentication start page.
- Improved user experience when installing multiple Gatekeepers for redundancy.
- Removed read-only domain controllers when selecting preferred domain controller for Gatekeepers.
- Reorganized Reporting, Monitoring, and Statistics menus on the Specops Authentication web.
Released April 25, 2018
- Reporting menu for tracking user enrollment progress.
- If the captcha prompt was closed before finishing the captcha, the user could get stuck on the page.
- In some scenarios, multi-factor authentication failed in the ADAL browser if one identity service was remaining.
- Switching between statistics tabs saved the previous filter.
- Progress bar display when upgrading the Gatekeeper.
- Added option to force the Gatekeeper service to use a specific domain controller.
- Increased Sign out button visibility on mobile browser.
Released April 11, 2018
- Support for proxy server customization during Gatekeeper setup.
- Support for user counting (nightly and manual) complete with statistics.
- Text customization for various end-user text elements.
- Audit tracking for various events on the Specops Authentication web.
- Additional text customizations for end-user text elements.
- Security improvements for various user scenarios.
- Improved experience when using the Specops Authentication admin tools while accessing the Gatekeeper remotely.
- Various design improvements to the administration pages on the Specops Authentication Web .
- Added sign out button during multi-factor authentication. This will allow the user to sign out of all identity services before they have completed authenticated with Specops Authentication .
Released March 26, 2018
- Email and SMS notifications for various events, including Manager Identification requests.
- Multi-factor authentication policy for previously enrolled users when accessing their enrollment.
- Detailed view of Specops Authentication usage, including identity service usage, number of sent text messages, and successful authentications to O365.
- Detailed view of Specops Authentication subscription.
- The Manager Identification identity service can be configured to display the name (or partial name) of the manager to the end-user.
- Various improvements to the user experience, including for some error scenarios.
- Moved customer specific Duo Security configuration information to the customer’s Active Directory.
Released February 20, 2018
- Moved customer specific O365 configuration to the customer’s Active Directory.
- Various improvements to the user experience, including for some error scenarios.
Released January 29, 2018
- Added an enrollment reminder when a user with an incomplete enrollment signs in to O365.
- In some scenarios, the Gatekeeper status displayed not connected, when it should have displayed connected.
- During authentication with Windows Identity, the password reveal button (eye button) was missing.
- During the Gatekeeper installation, selecting a custom domain account, and switching to a managed service account, resulted in an error.
- Accessing the customization features on the Specops Authentication web, when logged in with the installation account, logged the user out.
- The Symantec VIP configuration page did not apply the CSS custom file.
- Enrolling with the Specops Fingerprint App did not work if the enrollment was initiated on the same device used to authenticate with the Fingerprint app (iOS and Android).
- Various improvement to the user experience, including for some error scenarios.
Released January 15, 2018
- Downloading the MetaData file for Symantec VIP the second time did not produce the same file.
- Enrolling with the Specops Fingerprint App did not work if the enrollment was initiated on the same device used to authenticate with the Fingerprint app.
- Unable to disable an O365 domain that did not exist in Azure AD.
- Various small improvements to the user experience, including for some error scenarios.
Released December 28, 2017