Privileged Password Management, Administrative Password Management, Password Manager, PassTrix, Password, Password Management Software, Password Generator.

UpdateStar is compatible with Windows platforms. UpdateStar has been tested to meet all of the technical requirements to be compatible with Windows 10, 8.1, Windows 8, Windows 7, Windows Vista, Windows Server 2003, 2008, and Windows XP, 32 bit and 64 bit editions.

Simply double-click the downloaded file to install it. UpdateStar Free and UpdateStar Premium come with the same installer. UpdateStar includes such as English, German, French, Italian, Hungarian, Russian and. You can choose your language settings from within the program.

ManageEngine Password Manager Pro - Release Notes Password Manager Pro release (9402) (15 th December 2017) Bug fixes: • Earlier, while editing a resource via RESTful API, changing the type of the resource was not supported. The API has now been enhanced to allow the modification of this attribute. • Earlier, while trying to add a new value or edit the existing value of a resource-level additional field via RESTful API, the action also reset the values of other additional fields of that resource and the fields became empty. This has been fixed now. • Earlier, in the MSP edition, while revoking a client org's 'Manage Permission' for a set of admins, the action could not be completed if the number of selected admins exceeded 25. This has been fixed.

• From v9400 till v9401, shared resource groups did not show under 'Password Explorer' for administrators and users alike. This has been fixed. Password Manager Pro release (9401) (11 th December 2017) Bug fixes: • In v9400, 'Change Private key' was not working for users without Key Manager Plus license. This has been fixed now. • In v9400, users without Key Manager Plus license continuously received Let's encrypt renewal schedule notification mails.

This has been fixed now. • In v9400, schedule execution failed in other organizations when running in MSP client org. This has been fixed now. • From v9200 till v9400, RDP remote session was not working for users having user name starting with the letter 'U'. This has been fixed now. • From v9000 till v9400, clicking upon 'Agent Alerts' notification, popped up 404 error. This has been fixed now.

Password Manager Pro Release 9.4 (9400) (30 th November 2017) New Feature Key Manager Plus Integration The tight integration brings all features of Key Manager Plus right inside Password Manager Pro to provide a complete Privileged Identity Management solution.This help enterprises centrally manage, monitor, control and audit the entire life cycle of privileged passwords, SSH keys and certificates from a single user interface. Security fix: • From v9000 till v9300, there were reflected XSS issues in the URLs 'SearchResult.ec and BulkAccessControlView.ec'. This reflected XSS issue has been fixed now. Bug fixes • From v9000 till v9300, 'Export Passwords' option was listed under 'Resource Actions' even when 'Export/Offline Access - Allow admins and users to export password information to plain-text spread-sheet (.xlsx)' was disabled. This has been fixed now. • From v8700 till v9300, Users, assigned with custom roles created with the privileges of a password user, were not able to invoke the 'Join Active Sessions' action under Audit ->Remote Sessions.This has been fixed now.

Password Manager Pro Release 9.3 (9300) (7 th November 2017) New Feature • File Transfers Over Remote Desktop Sessions Henceforth, in real-time Windows RDP sessions launched via Password Manager Pro's session gateway, users can securely transfer files from local machine to remote target machine, and vice versa. Enhancements & Bug Fixes • Password Manager Pro now uses captcha services during application login to enhance security. The users will be required to resolve a captcha when they enter an invalid username/password for five continuous login attempts. • Earlier, out of the remote sessions (RDP, SSH, and SQL) launched via Password Manager Pro's session gateway, one or more of the sessions at random still continued to show under the 'Active Privileged Sessions' tab even when those sessions had already been terminated by respective users. This has been fixed. • Earlier, the results for 'Find Out of Sync Passwords' action executed for a resource group showed that all passwords were in sync even when passwords for one or all of the Windows resources in that group were not in sync.

The wrong results were captured in the audit records as well. This has been fixed. • Earlier, when a user clicked on the 'Forgot Password?' Link in the Password Manager Pro (PMP) login screen to set a new password via email, the email could not be validated if the recipient's email address contained an apostrophe. This has been fixed.

• From v8600 till v9200, in Azure AD user/user groups import, only a maximum of 100 users/user groups could be imported. This has been fixed to allow users/user groups import without any count limitation. • From v8700 till v9200, users faced blank page issues when the custom role assigned to them did not allow specific actions in that page. For instance, under dashboard provisions, if a user is allowed to access only the user dashboard and not the password dashboard, clicking on the 'Dashboard' button in the left navigation pane displayed a blank white screen upon loading. This has been fixed. • From v9000 till v9200, under 'Resources' tab, the users faced specific search and page navigation issues after they had accessed a resource group displayed in the 'Password Explorer' tree view. The following bugs have been fixed: • In case of search, when a user used the in-line search option available for 'All My Passwords' (or any other tab under 'Resources'), then navigated to a resource group via the tree view and returned back to 'All My Passwords' page, the typed-in search term and the respective results were still retained and displayed.

• When a user navigated between pages under tabs such as 'Passwords' or 'Favorites', then clicked on a resource group via the tree view and returned back to the tab accessed earlier, the page number (2 or above) that had been selected previously was launched instead of the first page. • From v9000 till v9200, the global search option in the top pane did not work properly when the search term contained the ampersand sign ( '&' ). For instance, if the search term was 'AT&T', search results were returned only for 'AT', i.e. Only for the characters before the sign. This has been fixed.

• From v9000 till v9200, when the account name of a resource contained more than 140 characters, the corresponding Account Actions and Resource Actions icons did not work for that account. This has been fixed. • From v9000 till v9200, when the URL length of a resource was more than 700 characters, the corresponding Resource Actions icon did not work.

This has been fixed. Password Manager Pro Release 9.2 (9200) (12 th October 2017) New feature IIS Web.config discovery Password Manager Pro can now identify the domain accounts which are used in the connection string of IIS web.config files that are stored in PMP. While changing the password of the domain accounts stored in Password Manager Pro, it can automatically update the password in the IIS web.config files.

Enhancements and fixes • Password Access Control Workflow has been upgraded. With this update: • One or more user groups can be designated to approve password access requests. • Earlier, some users can be excluded from access control. Now, you have an option to exclude both users and user groups from access control. • Users can specify when they want to access the password - now or later, while making a request and can also send a reminder mail before the access time. • Similarly, administrator can specify when the user can access the password - now or later, while processing the request. • In addition, users can be enforced to provide reason for password retrieval. • Reminder e-mail can be sent to the administrator to approve the password request before the stipulated time.

• A grace time of upto 60 minutes can be provided to the user when the access time ends. • Auto check-in time can be specified when the request is approved by the administrator. • Maximum time period can be specified after which the pending access request becomes void. • Password Manager Pro now integrates with ManageEngine ServiceDesk Plus by validating change request in addition to the ticket ID entered by the user in the ticketing system. And validated occurs only when the change ID provided is approved in ManageEngine ServiceDesk Plus. • Password Manager Pro enables recording of RDP remote session launched from the product and you can trace the recorded RDP remote session through the resource name, user who launched the session, time at which the session was launched.

In addition, start and stop audit for RDP remote session has been enhanced now. • In v9000 and above, the mail notification sent to the users about the access permission shared or revoked contained blank values. This has been fixed now. • In v9000 and above, 'resource actions' icon was not listed for user with custom role 'edit resource'.

This has been fixed now. • From v9200 and above, a resource can also be searched in the search column by providing the resource URL. Earlier, a resource can be searched only by providing the resource name, description or resource type.

• In v9000 and above, configure access control deactivation for resources in bulk was not working. This has been fixed now. • In v9100 and above, when enabling two factor authentication - Duo security, the screen hangs at 'Initializing web client'. This has been fixed now. • In v8704 and above, Secondary DNS field in WindowsDomain resource type was removed. This has been fixed now.

• Earlier, already existing resource type can be added again with change in alphabet case (lower case or upper case). This has been fixed now.

• Earlier, addon failed to auto-fill passwords to the websites in client org. This has been fixed now. • Earlier, Access Snapshot was not working upon clicking 'View per page' to 50 / 75 / 100 resources. This has been fixed now. • Earlier, Windows discovery fails when the username / password contained angular brackets and the harmful content audit has the actual password in clear text.

This has been fixed now. Password Manager Pro Release 9.1 (9101) (7 th August 2017) Enhancements & Fixes • SparkGateway that comes bundled with Password Manager Pro has been upgraded from v4.6 to v5.0. With this update, RDP sessions can now be launched over TLS 1.2 to machines in which previous TLS versions have been disabled. • Earlier, while integrating Amazon Simple Email Service (SES) with Password Manager Pro under 'Mail Server Setting', secure connections over SSL or TLS could not be configured. This has been fixed. • From v8500 till v9100, Active Directory Single Sign-on could not be enabled if the 'Secondary Domain Controllers' field held more than 100 characters.

This is now changed to accept up to 250 characters. • From v9000 till v9100, any resource/account/resource group access permission changes for user groups were not notified via email despite the alert configuration under General Settings. This has been fixed. • From v9000 till v9100, the 'Edit User' screen did not load the Duo Username for Duo TFA-enabled users. This has been fixed.

• From v9000 till v9100, duplicate names could be assigned for two user groups by changing the name of one group in 'Edit Group Attributes' to match the other group's name. This has been fixed. • From v9000 till v9100, users were unable to download files stored under the 'File Store' resource type. This has been fixed.

• When Password Manager Pro (from v9000 till v9100) was launched on Firefox 54, checkboxes weren't displayed across multiple tabs such as Resources, Users, and Groups. This has been fixed. Password Manager Pro Release 9.1 (9100) (13 th July 2017) New Features • JIRA Service Desk Integration Out-of-the-box support for Password Manager Pro to readily integrate with JIRA Service Desk integration to automatically validate service requests related to privileged access. • Salesforce - New Resource Type Support for Remote Password Synchronization Support for remote password reset and verification of Salesforce resources.

Enhancements & Fixes • Replication of Additional Attributes for Default Resource Types Across Client Organizations (MSP Edition) Earlier, MSP admins could only replicate the custom resource types in MSP org across all client organizations. Now, MSP admins can also replicate any additional resource and account attributes added to the default resource types also across the client orgs. • In v8000 and above, Mac account discovery for Linux resources did not work properly and only root account were discovered instead of all user accounts. This has been fixed now. • Earlier, while retrieving the list of resources that are owned/shared to an API user with RESTful API, only those resources with at least one account associated under them were retrieved. This API has now been enhanced to also retrieve resources without any associated accounts.

Password Manager Pro Release 9.0 (9003) (16 th June 2017) Bug Fixes • In v9000 and above, when an admin clicked on a resource group displayed in the 'Password Explorer' tree view and then tried to add a new resource, they were unable to proceed to the accounts addition step. This has been fixed. • In v9001 and above, while discovering Windows resources in a domain, the local accounts of the member servers were not fetched automatically during the process. This has been fixed. Password Manager Pro Release 9.0 (9002) (13 th June 2017) Bug Fixes • In v9001, the 'Domain Name' field was missing in the 'Add Resource' and 'Edit Resource' screens for Windows resources. This has been fixed. • In v9000 and above, in the Manage >>Scheduled Tasks UI, the 'Schedule Actions' menu icon did not respond for the 'Recorded Sessions Purge Schedule'.

This has been fixed. • In v9000 and above, users logged in to Password Manager Pro using a Firefox browser were unable to change the default skin color of the application under 'Personalize' options. This has been fixed.

• In v9000 and above, the search option in the Organizations tab did not work for MSP editions. This has been fixed. • In v9000 and above, when the GUI language was set as another option apart from English, the global search option in the top pane did not work. For instance, when a particular resource was searched for, all resources were displayed instead in the results. This has been fixed.

Password Manager Pro Release 9.0 (9001) (2 nd June 2017) New Features, Enhancements, Changes & Fixes • Replication of Custom Resource Types Across Organizations (MSP Edition) • MSP admins managing the resources of multiple clients can now replicate custom resource types in MSP org across all the client organizations. In addition, the MSP admin can choose whether the password reset listeners configured in the MSP org should also be replicated along with the custom resource types. • In v9000, the search option provided for 'Recorded Sessions' under Audits did not work for users. This has been fixed. • In v9000, while copying usernames of resource accounts that consisted of the '@' sign, pasting the same resulted in invalid characters in the copied username.

This has been fixed. • In v9000, while editing resources in bulk, if any of the selected resources had notes stored under them, the notes field of that resource became empty once the edits were saved. This has been fixed. • In v9000, when an existing custom report was edited and saved, the 'Mail Report as' option under Schedule Report settings for that custom report was automatically reset to PDF from earlier configured setting if any.

This had been fixed. • In v9000, under the Personal tab, passwords created using the password generator were displayed twice continuously when the user tried to view them. This has been fixed. • In v9000, while adding a new custom listener, the save button did not work and the details could not be saved. This has been fixed. • In v9000, after enabling two-factor authentication, the RADIUS username for a user continued to appear empty in the 'Edit User' window even though values provided for the same reflected in the database.

This has been fixed. • In v9000, while editing user details, the fields to add RDP and VNC ports in the 'Edit User' window were missing. This has been fixed now. • In v9000, while editing IBM-AIX resources, the checkbox for pwdadm command execution was missing in the 'Edit Resource' window.

This has been fixed. • In v9000, when two-factor authentication (TFA) is enabled, the option to edit TFA usernames in bulk was missing in the 'More Actions' menu under Users tab. This has been fixed. • In v9000, during new resource addition, a DNS name consisting of underscore ( _ ) symbol was not accepted and as a result, the resource could not be saved. This has been fixed. • In v9000, while adding resources of the type website accounts, if 'Resource URL' value was defined using the format%DNS_NAME%, users faced an issue with launching the URL in a new browser tab.

This has been fixed. • In v9000, while importing resources from a CSV file, if resources already existing in the Password Manager Pro database were configured not to be imported, the next resource in the row below the existing resource was also not imported from the file. This has been fixed. • In v9000, when a user clicks on the 'Forgot Password?' Link in the Password Manager Pro (PMP) login screen and requests for a new password, the corresponding email was sent twice to the user's address if they were using IE browser for PMP. This has been fixed.

• In v8601 and above, when two-factor authentication (TFA) is configured, the users faced login failure issues at random while signing in to their Password Manager Pro account. This has been fixed.

• Earlier, when a resource was shared with a user and the user eventually marked that resource as their favorite, the resource still showed up in the user's 'Favorites' and 'Recently Accessed' lists even after its share permission had been revoked. This has been fixed. • Earlier, while creating a custom report of the types 'Resource Audit' or 'User Audit', if the user had set custom dates for 'Expiration Date' as well as added multiple criteria with an 'OR' setting, the date limits did not apply in such scenarios and the report was generated from all the audit records available. This has been fixed.

• Earlier, while fetching the list of services that are run using a Windows Domain user account, if the name of a particular Windows service consisted of a colon symbol (: ), the characters present after the colon in that name were not fetched. This has been fixed.

• Earlier, MS SQL server replication for High Availability could not be configured if the username or password of either the primary or secondary backend database contained a single quote ( ' ). This has been fixed. Security Fixes • XSS vulnerabilities found in 'Edit User' and 'Password Policies' features, which resulted in unauthorized permission to execute arbitrary commands, have been fixed. • Earlier, to reset the login password of one's Password Manager Pro account through 'Forgot Password' method, the user had to click on the given link in the login screen, provide username and email details, and then the new password was directly sent to the provided email address.

Henceforth, after providing username and email details, the user will only receive a link to their inbox and will be able to access the new password upon clicking that link. • Jespa that comes bundled with Password Manager Pro to support NTLM authentication has been upgraded from v1.1.22 to the vendor's latest release v1.2.0, which now uses TCP transport instead of SMB for MSRPC communications.

Password Manager Pro Release 9.0 (9000) (28 th April 2017) New Features, Enhancements, Changes & Fixes • New User Interface From build 9000 onwards, Password Manager Pro will switch to a new user interface (UI) in order to improve user experience. The rich, modern look of the new UI embraces the flat design, and includes enhancements to the speed and usability of the application. Users will be able to navigate between tabs quicker than before and access data without multiple page reloads, thereby equipping admins to get their jobs done faster. This simple and responsive design is optimized across both mobile and web platforms to provide a wholesome experience to the user. • Important Change in the Design of Criteria-based Dynamic Resource Groups From build 9000 onwards, for criteria-based dynamic resource groups, criteria will be applied only on the resources owned by the group owner and on the resources owned by the administrators who have manage permission to the group.

Criteria will not be applied on the shared resources. This represents a significant change from the existing design. At present, criteria gets applied on all resources that are owned by the user who is creating the group and on the ones shared with 'Manage' permission. Shared resources are being excluded in the new version. Once you move to the latest version, some resources that were part of a criteria-based dynamic group created by you would have been removed from the group due to this change. In the new design too, administrators who have access to a dynamic group with 'Manage' permission (henceforth known as 'Full Access' permission) shall be able to add the resources owned by them to that group.

That means, the resources owned by them shall become part of the dynamic group upon satisfying the criteria. Note: This change was introduced in PMP 8.0 for those who installed the full version afresh.

That means, for customers who have directly installed builds 8000 and above, this behavior remains the same. The above change will be felt only by customers who have been using Password Manager Pro before the 8000 build was released. • MIB Update for SNMP Trap Settings This version includes an update to the MIB (MANAGEENGINE-PMP-MIB), which is integral to SNMP trap configuration in Password Manager Pro. As part of the update, the OIDs used to identify the VarBinds have been revised. • In v7000 and above, while retrieving passwords, if the user was enforced to provide a reason as configured by the admin, the user was able to retrieve passwords from 'Pass Cards' and 'All My Passwords' UI by adding just a space in the reason field.

This has been fixed. • In v8600 and above, when Azure Active Directory (AAD) authentication was configured and enabled for users, users from only one specific AAD tenant were able to log in to Password Manager Pro using their AAD credentials while users in other tenants faced login errors. This has been fixed now, by updating the value of the endpoint to which the sign-in requests are sent from Password Manager Pro. • In v8700 and above, role summary report could not be generated for a role if the respective role name comprised Japanese characters. This has been fixed.

• In v8700 and above, admins using Password Manager Pro's Premium edition were unable to create API users even though XML-RPC API/SSH CLI access and related operations were allowed in the premium edition. This has been fixed. • In v8700 and above, if an admin disables the 'Personal' tab for users by unchecking the respective option under General Settings, the option itself disappeared from view the next time when the admin accessed General Settings. This has been fixed. • Earlier, in MSP editions, client organizations that had been marked as favorite by respective users were not displayed at the top of the list as they should be. Instead, the client org that one user had most recently marked as their favorite was globally displayed at the top for all users. This has been fixed.

• Earlier, while importing users from AD/Azure AD, when the admin specifies the users to be imported as comma separated values, the action resulted in error if there was spacing after the commas. This has been fixed. • Earlier, when users share their resource group with other users, the former faced resource group duplication issues in their UI dashboard whenever the latter added a new resource to that shared resource group. This has been fixed. • Earlier, while adding an account under a resource, the account could not be saved if the user had earlier enabled a custom password field under 'Account Additional Fields' and entered a password containing specific special characters including Greater Than/Less Than ( ' ) symbols in that field.

This has been fixed. • Earlier, during manual resource addition operation, the user was able to add two different accounts under the same name but different casing. However, while saving the added accounts, the second account's user-provided password was automatically replaced with the first account's password. This has been fixed. • Customers who upgraded to 8700 from any of the older versions faced an issue with the 'Personal' tab, i.e. If they had earlier disabled the Personal tab for users, the provision was automatically enabled for users after the upgrade. This has been fixed.

Password Manager Pro Release 8.7 (8704) (06 th April 2017) Security Fix • In v8600 and above, after launching an RDP session, the users were able to view the shared RDP password in plain text by opening the page source of the respective session tab, even when they were not authorized to view the password. This has been fixed. Password Manager Pro Release 8.7 (8703) (04 th April 2017) Issues & Fixes • Earlier, when details such as role name, description etc.

Were provided in Japanese while creating new user roles, the Japanese characters were not displayed in any of the corresponding role reports that were exported as PDF. This has been fixed. • Earlier, when a scheduled password reset was carried out for a Windows domain account after password expiry, the reset action results were at times audited as failed even though the password was successfully reset in the resource. This happened if the domain account had services and IIS app pools associated with it.

This has been fixed. Security Fix • Earlier, when scheduled password reset was triggered for a Windows domain account, the new password of the account was printed in plain text in the logs if the Log Level setting was configured as 'DEBUG'. This has been fixed. Password Manager Pro Release 8.7 (8702) (09 th March 2017) Issues & Fixes • Earlier, when users who use Password Manager Pro's Standard or Premium edition upgraded their installation to v8700 and above, features that were unrelated to the edition they use were displayed in the product GUI.

This has been fixed now. • In v8700 and above, remote sessions launched by users with user-type roles (that is, non-administrators) were not recorded even though session recording was configured globally for all users.

This has been fixed now. Password Manager Pro Release 8.7 (8701) (16 th February 2017) Enhancements & Fixes • In v8700, under custom roles feature, when a group of users were moved in bulk from their current roles to an administrator-type role using 'Change Roles', the operation failed during certain circumstances owing to insufficient number of administrator licenses even though adequate licenses were in fact available. This has been fixed now. • Earlier, when super administrators carried out edits to their own profile such as password policy or email ID changes, they lost their super administrator privilege automatically when they saved the edits; and they were reverted to their old role. This has been fixed now.

• In v8700, when an administrator viewed the list of users who were members of a user group, the database values of the users' 'Role' column were displayed in the web UI table view. This has been fixed now. Security Fixes • Earlier, while importing resources from a CSV file, when 'Overwriting of existing resources' is enabled by a user along with a configuration setting to overwrite a resource only when it is owned by that user resources owned by other users were overwritten in certain circumstances despite the owner check. This has been fixed now. • A function level access control vulnerability resulted in unauthorized permission which allowed an user to lock their own Password Manager Pro account, This has been fixed now. • A function level access control vulnerability resulted in unauthorized permission which allowed a user to change their current role to another administrator-type role.

When a user was assigned a custom role with operational scope only to 'Change user roles' and no other administrator privilege, that user could change their own role to another administrator-type role that contained higher operational scope. This has been fixed now. • An XSS vulnerability which resulted in unauthorized permission to execute arbitrary commands was found in Password Policies feature. This has been fixed now. • The internal security framework used for Password Manager Pro has been upgraded to the latest version. Password Manager Pro Release 8.7 (8700) (6 th February 2017) New Features, Enhancements & Fixes • Custom Roles: Option to create custom roles for users, with provision to define operational scope for each role in a fine-grained manner. You can allow or restrict operations for the custom role (from a list of 100+ options like adding resources, allowing remote access to resources, creating policies etc.) and assign the role to desired number of users.

To learn more custom roles,. • In v8000 and above, while exporting password inventory report in.xls format for two or more resource groups, the report was generated for only one random group instead of all selected groups. This has been fixed.

• In v8603 and above, when a user selected a group of resources and attempted to bulk edit one/many of the resources' attributes, there was an issue while saving the edits. Specifically, the values present in the Notes field of all accounts associated to the selected resources were automatically overwritten with a blank value, even when no edits were carried out by the user to that effect. This has been fixed. • In v6300 and above, while integrating Password Manager Pro with a PhoneFactor system for two-factor authentication, the option to 'Test Agent Connection' returned an error if the user had manually specified account credentials and agent service URL (this issue did not occur when the credentials had been stored in Password Manager Pro). This has been fixed. • In v8500 and above, when a password user tries to export in plain-text the resources in a resource group shared with him/her, the exported spreadsheet (.xlsx) was blank.

This has been fixed. • In v8505 and above, the 'Copy to Clipboard' option across the GUI did not work in Chrome browser.

This has been fixed. • In v8601 and above, when a user tried to update password for scheduled tasks from Password Manager Pro, the reset failed due to a double quote missing in the reset command. This has been fixed. • Earlier, users were unable to launch RDP connections from Password Manager Pro's web-interface when the respective username contained a space or the password contained a percent sign (% ). This has been fixed. • Earlier, when details such as name, description etc. Were provided in Japanese for resources, the Japanese characters were not displayed in the PDF version of Canned and Query reports generated for the respective resources.

This has been fixed. • Earlier, in the MSP edition, there was a configuration issue with the Replicate Settings option available under Organization actions. The issue caused the User Group Settings to replicate time and over in the client org, with respect to the number of times the user clicks on Replicate Settings. This in turn interfered with the workflow of various options under User Group Settings. This has been fixed. Password Manager Pro Release 8.6 (8604) (23 rd January 2017) Security Fixes • In v8601 and above, users making use of LDAP authentication with two-factor authentication enabled, were able to access their Password Manager Pro account by supplying only the username for LDAP authentication and thereafter the valid second factor credentials. This was possible because when anonymous binding is enabled, LDAP server allows connection without credentials, if one knows the LDAP username.

This issue has been fixed. Password Manager Pro Release 8.6 (8603) (30 th December 2016) Enhancements & Fixes • Bulk edit option is now available for resources, which allows the administrator to select several resources and edit them in bulk at the same time. • Username mapping is now available for two-factor authentication options such as Duo Security and PhoneFactor. This option allows you to map usernames between Password Manager Pro and two-factor authentication services listed above.

• Earlier, integrity checks for password synchronization once enabled was carried out for all passwords on a daily basis by default. The administrator could only adjust the time at which the check should be carried. Henceforth, integrity checks can be scheduled to be run at desired time intervals.

• Earlier, newly configured mail server settings could not be successfully saved if any of the given e-mail ids consisted of '-' (hyphen). This has been fixed now. • Earlier, in the Japanese version of Password Manager Pro, text inputs in the 'Reason' field syslog messages sent from the tool were either incomplete or comprised of garbled characters. This has been fixed now. • In v8500 and above, when resources with file attachments were shared with password users, the users were unable to download the attachment. This has been fixed. Security Fixes • A function level access control vulnerability resulted in unauthorized permission to edit Password Manager Pro's default resource types.

This has been fixed now. • Earlier, if the option 'unique password generated through email' is configured for two-factor authentication in Password Manager Pro, the OTP generated and sent to a user's email id during a login attempt did not expire instantly upon one-time usage.

The OTP could be reused multiple times for login from different systems as long as the primary login session remained active. This has been fixed now. • In order to negate the possibility of DOS attacks, threshold limits have been introduced for HTTP operations (using POST method) from the web console. The threshold limits restrict the number of times that a particular HTTP operation can be carried out per minute from a user ID. PMP Release 8.6 (8602) (14 th Dec 2016) Bugs & Security Fixes • In v8600 and above, when an administrator changed the web-server port number under Admin-->Server Settings, the action caused a service failure after a restart. This issue has been fixed.

• A function level access control vulnerability resulted in unauthorized permission to view other users' personal passwords stored under a specific category, when the option 'Allow users to create their own passphrase' is disabled under General Settings. This has been fixed now. PMP Release 8.6 (8601) (2 nd Dec 2016) New Features • Lock Password Manager Pro Users Option to temporarily prevent any user from accessing Password Manager Pro by locking down the respective account. The user accounts can be unlocked anytime, with all user settings intact including share permissions.

• New REST APIs • To edit resources. • To edit/delete accounts • Support for Duo Security Two-factor Authentication Support for Duo Security two factor authentication for login to Password Manager Pro. Already, Password Manager Pro supports Google Authenticator, PhoneFactor, RSA SecurID, a one-time, randomly generated unique password, and any RADIUS-compliant two factor authentication mechanism as the second level of authentication for two factor authentication. Enhancements • Add Secondary Domain Controllers to a Windows Domain Resource While creating a Windows Domain resource, users can add the DNS Name / IP Address details of secondary (or multiple) domain controllers associated with the resource. Once added, they can also auto log on to all associated domain controllers using the same Windows Domain account. • MSP Edition • Earlier, the 'Import Organization from CSV file' feature did not provide the option to attribute an 'Account Manager' for the organization during the import itself. As a result, once organization details were imported from the CSV file, the MSP admin had to separately assign an administrator in Password Manager Pro as the Account Manager.

Henceforth, an Account Manager column containing the administrator 'username' can be added in the CSV file itself and directly attributed to the new organization during import. • Earlier, when the administrator configured 'Replicate settings across client orgs,' the saved settings were applicable only for new client orgs and not for existing orgs. As a result, resource/user groups, share settings, and additional fields were not replicated in the existing orgs. Now, a new option has been introduced to sync the newly configured replication settings (except additional fields) across existing client orgs as well, either all or desired. • While creating new users via RESTful API, they can now also be added to a new or existing user group.

• Earlier, while adding a new resource with Password Manager Pro via RESTful APIs, API users had default permission to specify another existing user as the resource owner. The API user could also edit a resource owned by other users. Now, an option has been introduced to disable API users from adding/editing resources under other user's ownership.

• Earlier, while adding a new Windows Domain resource, the 'Configure password reset for associated service accounts and IIS AppPool accounts' section did not give further options for the user to enable/disable password resets separately for service accounts, scheduled tasks, and IIS AppPool accounts. Password resets could be configured either for all or none of them, regardless of whether services/IIS AppPools were run using the domain account. Now, new options have been introduced which allows the user to exclusively choose required password resets'among service accounts, scheduled tasks, and IIS AppPools as well as service restart options. • Earlier, when password resets for Windows Scheduled Tasks were carried out, users faced version compatibility issues for Task Scheduler if the target Windows server edition was different from that of server in which Password Manager Pro was running.

To solve such platform issues, the Scheduled Tasks password reset mechanism has been enhanced to also support Task Scheduler 2.0. • Earlier, when two-factor authentication (TFA) was enabled, Password Manager Pro's login screen asked for the username first, and both primary password and TFA credential were requested together in a fresh second screen. Henceforth, the user has to input both username and password (first level of authentication) in the login screen. Only when the primary authentication succeeds, the user will prompted for the TFA credential in a new screen.

Bug Fixes • In v8500 and above, while importing resources from Active Directory under 'Resource Discovery' option, comma separated values entered in the 'Resources to import' field were not imported properly. Only the first value was imported.

This has been fixed now. • In v8600, when a user group was restricted from storing their personal passwords in Password Manager Pro, the users of that group were unable to retrieve their enterprise passwords.

This happened only when the global option to manage personal passwords was enabled under General Settings, but disabled for that specific user group. This has been fixed now. Security Fixes A function level access control vulnerability resulted in unauthorized permission to edit Password Manager Pro's pre-defined password policies (Strong/Medium/Low/Offline Password Fil).

In addition, the vulnerability also allowed the deletion of the password policy that has been set as default. This has been fixed now. Password Manager Pro Release 8.6 (8600) (11 th November 2016) New Features & Enhancements • Azure AD Integration Introducing out-of-the-box integration with Azure Active Directory (AD), which allows users to login to Password Manager Pro with their Azure AD credentials, in both Windows and Linux platforms.

The integration also allows import of users and user groups from Azure AD to Password Manager Pro, and keeps data synchronized through Azure AD sync schedules. • Query Reports This new addition to the Reports section now allows administrators to construct reports by writing their own SQL statements. The statements can be used to directly query the Password Manager Pro database and fetch required information to address unique reporting requirements. • Store Recorded Sessions in an External Location Video recordings of RDP, SSH, Telnet, and SQL sessions will hereafter be stored in an external location, instead of Password Manager Pro database. Users can configure two external locations, one primary and another backup, where recorded sessions will be stored automatically once the operation is audited in Password Manager Pro, provided there is connectivity between the configured locations and Password Manager Pro server.

For earlier recorded sessions stored in Password Manager Pro database, export options are given to move them to the configured external location. • Purging of Recorded Sessions now available, as a separate operation Earlier, video recordings of RDP, SSH, Telnet, and SQL sessions could not be purged separately.

The sessions could be purged only as a part of user audit purge. But, purging user audit records just to remove sessions also removed the operations details such as user account used to launch session, date and time, and more.

Now, there are alternate options to configure purging of recorded sessions alone and retain the audit details of the operation. • Earlier, when the SSL certificate for the server was changed, RDP sessions could not launched automatically and the user had to manually install the certificate again to initiate a session. Now, the issue is fixed and new certificates will be automatically verified when RDP sessions are launched. Bug & Security Fixes • Server JRE that comes bundled with Password Manager Pro is upgraded from v1.7.0_71 to v1.8.0_102 due to security vulnerabilities in the older version.

PostgreSQL and Tomcat server have also been upgraded to the latest versions 9.5.3 and 8.0.20 respectively. • Maverick Legacy libraries used for SSH CLI in Password Manager Pro have been upgraded to the latest versions. • OpenSSL libraries used in Password Manager Pro have been upgraded from 0.9.8g to 1.0.2j, the latest version released with vulnerability fixes. • Reflected and stored XSS vulnerabilities which resulted in unauthorized permission to carry out critical operations were found in Landing Server configuration, Rebranding, and Reports features. This has been fixed now. • A vulnerability which resulted in unauthorized permission to delete Default Resource Types in Password Manager Pro has been fixed.

• A CSRF vulnerability, which resulted in unauthorized permission to change the default resource type set for any resource, has been fixed. Password Manager Pro Release 8.5 (8505) (18 th October 2016) Enhancements & Bug Fixes • Option to trigger a bulk password reset in one click for all the resources that a specific user has access to, i.e. Resources owned by or shared with that user. This allows the administrator to reset all passwords related to a specific user in case they leave the organization and then transfer those resources to another user. • While evaluating Password Manager Pro with the 30-day trial edition, users can now switch instantly between the different product editions available (Standard / Premium / Enterprise) and test the desired edition. • In Windows account discovery feature, an additional check has been introduced which allows the user to choose not to import any disabled computer account in the Active Directory during the discovery process. The user also has an option now to identify existing resources in Password Manager Pro that have been marked as disabled in AD and delete them.

• Resources and groups can now be imported directly from KeePass (1.x and 2.x) to Password Manager Pro. • Earlier, when cross-domain authentication is used for Windows discovery tasks, local accounts and service accounts were not enumerated from the selected domain. This issue is fixed now. • A new report named 'Unshared Passwords' report has been added to the 'Canned Reports' section. The report lists all the passwords that have not been shared with any user in Password Manager Pro.

Bug & Security Fixes • Earlier, password integrity checks failed for certain target systems in agent mode as Password Manager Pro server reported connection failure. This issue has been fixed now. • Earlier, 'Rebranding' settings could not be edited when Password Manager Pro web-interface is connected using Internet Explorer. This issue is fixed now. • In 'Personal Passwords' section, after a custom category is set as default, users could not add new accounts or delete existing accounts in that particular category. This issue is fixed now.

• In v8500 and above, new resource addition operations could not be completed successfully if the DNS Name / IP Address field contained the character '_' (Underscore). This issue is fixed now. • Earlier, Windows account discovery tasks could not be completed if the admin password supplied to carry out the operation contained a double quote (').

This issue is fixed now. Password Manager Pro Release 8.5 (8504) (19 th September 2016) Enhancements & Bug Fixes • Earlier, upgrade packs could be applied only to Password Manager Pro's primary installation, and high availability had to reconfigured every time after the upgrade. Henceforth, upgrade packs can be directly applied to the secondary installation as well, without any need to reconfigure high availability. • In v8500 and above, when Password Manager Pro server was restarted, personal password management option was getting enabled even in cases where it had been disabled by the administrator.

This has been fixed. • Earlier, there were AD sync issues while importing users and resources from different domains. Resources/users from the wrong domain were imported for a few sync schedules when they were run again after the first import operation. This issue is fixed. • Earlier, in the MSP edition, while providing a user group with 'Manage Organization' permission for different orgs, only 100 organizations could be allotted to that user group. This limit has been removed now.

• In v8500 and above, while adding a new account under a resource, the add operation could not be successfully completed if the 'Notes' field contained more than 230 characters. This issue is fixed. • In v8500 and above, whenever a password is checked in by a user, the audit log for the check in operation did not properly display the resource name (if the name contained characters like ' a m p & ' ). This issue is fixed. • Earlier, for any resource group, if the option 'Reset passwords upon expiry' was enabled, the option did not work for the resources within the group for which access control had been configured. This issue is fixed. • In v8500 and above, while adding a Linux resource, the add operation could not be completed if 'Private Key' field was left blank.

This issue is fixed. Bug & Security Fixes • Earlier, clear/copy to clipboard actions in the GUI were carried out with Flash support. For security purposes, Flash elements have been removed for these actions and support is now provided through JavaScript. Password Manager Pro Release 8.5 (8503) (25 th August 2016) Feature Enhancements & Bug Fixes • Earlier, when a domain admin account was shared with users for RDP auto logon to related domain member machines, the users could use that domain account credentials to log in to the domain controller as well.

Now, while sharing domain admin accounts with users for auto logon purposes, an optional check is given to prevent RDP connections to the domain controller resource. • A new check has been introduced, while adding a Windows resource, to restrict users from using the local account of that resource to launch RDP connection, and instead use only the domain account to connect to the resource. • Earlier, when the last remaining user in an organization unit (OU) was removed in AD, the same user did not get removed from the corresponding user group in Password Manager Pro. This issue is fixed.

• Earlier, in the 'Show Passwords' table under 'All My Passwords,' the selected column sort order did not persist for non-admin users once they navigated to other tabs. This issue is fixed. • In Password Manager Pro Japanese edition, audit log for the operation 'Discovery Task Deletion' was not captured properly in the audit records. This issue is fixed. • Earlier, under Passcard option, when the provided link is opened to access the concerned account, the password could not be viewed properly if the Resource Name or Account Name shown in the GetPasscard page contained a 'space.' This issue is fixed. • Earlier, for Add Resource operations, account addition step failed if the concerned account's password field contained specific characters ().

This issue is fixed. • Earlier, when users tried to reset Google Authenticator settings from the Password Manager Pro login page, the option did not work due to case-sensitive issues or if the username contained ' ' (Backslash).

This issue is fixed. • In v8500, users were unable to add new resources under the pre-defined type 'PostgreSQL,' if they had earlier created and saved 'PostgreSQL' as a custom resource type. This issue is fixed. • In v8303, while importing OUs from Active Directory, all the resources in the 'Default Group' in Password Manager Pro were automatically removed if the name of any of the OUs contained a comma (,). This issue is fixed.

• Earlier, in the UI screen, Admin-->Add Resource-->Add Accounts, when an account was added, password of the added account was partially revealed along with the account name in the display box beneath. This happened if the password contained both double quotes (') and greater-than sign (>), in that order. This issue is fixed.

• Earlier, under 'Scheduled Password Reset,' while setting Password to use, the option 'Assign the same password to all user accounts, but change it during every schedule' did not work properly. Instead of a same password, unique passwords were set for each account. This issue is fixed. • Earlier, while using RESTful API to add or modify a resource, the users could not use the characters, ' in the account password. This limitation has been removed now. Password Manager Pro Release 8.5 (8502) (27 th July 2016) Feature Enhancements & Bug Fixes • Earlier, option to open direct RDP connections to target resources using multiple domain accounts was available only under the Auto Logon tab. Now, the option is also available under 'Resources' and 'All My Passwords' tab.

• Customers (except MSP edition users) in v8500 faced issues in saving new changes in 'Export Passwords - Offline Access' settings. This has been fixed now. • Customers in v8500 were not able to save changes in User Settings for any user groups, if their language setting is not English. This issue has been fixed now. • In 'Advanced Search' option, the search results were incorrect if the search text contained '&'. This issue has been fixed now.

• Earlier, when users tried to reset Google Authenticator settings from the Password Manager Pro login page, the option did not work if the username contained '_' (Underscore). This issue has been fixed now. Security Fixes • Earlier, net use command was used by Password Manager Pro agent (Windows) for password reset and verify operations. If 'Audit Process Creation' is enabled under 'Advanced Security Audit Policy Settings' for the Windows target machines, the reset and verify operation commands were captured in the Windows event logs, including new passwords in clear text. This has been fixed now, by using Windows APIs instead of net use command for the agent to carry out password reset/verify operations.

Password Manager Pro Release 8.5 (8501) (9 th July 2016) Feature Enhancements • Service Account Password Reset using Password Manager Pro Agents Password Manager Pro agent enhanced to support automatic propagation of password changes across dependent services associated with a Windows domain account, when the respective account passwords are reset in Password Manager Pro. • Group Settings Replication during Organization Addition (MSP Edition) While creating a new client organization, MSP admins can now replicate the user and resource group structures as present in the MSP org and other client orgs. Resource group to user group share settings can also be replicated in the new org. • Under 'Users' tab, new option to search for users by their 'First/Middle/Last Name' has been added. Bug & Security Fixes • Customers using v8500 faced slow performance issues while loading Two-factor authentication settings in the application's web interface. Page load time took 30-40 seconds.

This has been fixed now. • Earlier, while creating resources in Password Manager Pro, only HTTP and HTTPS schemes were allowed to define 'Resource URL'. Now, Amazon S3 URL styles and other schemes are also supported.

• In version 8500, values entered in additional field columns/accounts and values copied to clipboard were displayed incorrectly due to encoding issues. This has been fixed now. • In version 8500, while selecting default domain under User Management in General Settings, an invalid input error was thrown if the default Domain Name field contained special characters.

This has been fixed now. • An XML eXternal entity (XXE) vulnerability identified in XML-RPC API has been fixed. Password Manager Pro Release 8.5 (8500) (June, 2016) Security Fixes & Enhancements: • Password Manager Pro now comes with a comprehensive security filter that helps protect the solution against a host of vulnerabilities, including cross-site scripting attacks (XSS) and cross-site request forgery (CSRF). In addition, to prevent any unauthorized actions by genuine users (by manipulating the parameters in the URLs), authorization check has been enabled for every single action involving a database query through URLs. • New REST API to add API User. Password Manager Pro Release 8.4 (8404) (May, 2016) Security Fix • Users making use of LDAP authentication were able to access their Password Manager Pro account through PMP's browser extensions by supplying a blank password.

This issue was found only in PMP's browser extensions and NOT in the web version. However, since the fix involves changes in APIs in the web version, this security fix is being provided. Customers of all versions of PMP (till 8403), who are using browser extensions with LDAP authentication should apply this fix, in addition to upgrading the browser extension separately. Password Manager Pro Release 8.4 (8403) (April, 2016) New Features • IIS AppPool Password Reset: Support for automatically resetting the passwords of associated IIS AppPool accounts when the domain account passwords are reset through Password Manager Pro.

Optionally, the IIS AppPools can be restarted remotely by Password Manager Pro after the password change. • New REST APIs: • To download certificates, licenses, and other files. • To add license keys, digital certificates, documents, images and more • To create multiple accounts that are associated with a specific resource id. • To delete a specific user in Password Manager Pro.

• Transfer Approver Privileges: Option to transfer the privilege to approve password access requests from one administrator to another in bulk. When an administrator leaves the organization or moves to a different department, all the approval privileges of that administrator can now be transferred to another administrator in a single click. Enhancements & Bug Fixes • Provision to customize password expiry report based on expiration date of passwords. With this option, you can now generate the list of passwords that are about to expire during a specified period of time.

For instance, you can find passwords that will expire in the next 5 days. • Privileged accounts can now be marked as favorites from the search result view itself. • Earlier, custom reports, once saved, could not be duplicated with additional edits. Now, 'Save as new' option has been added to create duplicate copies of saved custom reports. Also, a direct link to create custom reports has been added under 'Audit' tab. • RESTful API to fetch account details has been enhanced to include password expiry status, compliance status and reason in case of non-compliance, and configured policy for the accounts.

• Privileged accounts can now be marked as favorites from the search result view itself. Earlier, when password compliance notifications were configured for individual resource groups, in certain rare scenarios, some compliant passwords were also notified as non-compliant. This issue has been fixed. • Earlier, when the option 'Allow all admin users to manipulate the entire explorer tree' had been enabled in 'General Settings', all resource groups, including unshared groups were displayed in the explorer tree structure (only the names of the unshared groups were displayed in grey text; the underlying passwords were not shown).

Now, unshared groups can be hidden from view. • Earlier, users had to manually go to 'Resources' tab and select the resource group name under 'Show Resources of' option to view the list of resources in each group. Now, resource group names have been hyperlinked to automatically take the user to 'Resources' tab and display the corresponding resources. Security Fixes • Earlier, while viewing old passwords from password history, it was possible to make changes to account ID in the request URL and retrieve password history of unshared passwords.

This issue has been fixed now. • Earlier, URL query string parameters were passed through HTTP GET method for 'Password Change' and 'Password Export' features, which was a concern since GET holds parameters in history. This has been changed now by using HTTP POST for query strings instead of HTTP GET. Password Manager Pro Release 8.4 (8402) (March, 2016) Bug Fixes: • In PMP builds v8400 and 8401, Active Directory synchronization for resources did not work properly. This has been fixed. • Earlier, search based on account additional fields for criteria-based groups did not work on the 'Add Resource Group' page. This has been fixed.

• Earlier, searching on numeric fields for criteria-based groups did not work with PostgreSQL as the backend database. This has been fixed. • Earlier, audit filter in the recorded sessions tab did not work with MySQL as the backend database.

This has been fixed. Password Manager Pro Release 8.4 (8401) (February, 2016) Bug Fixes: • In PMP 8400 build, it was not possible to configure single sign on as part of active directory integration. This has been fixed.

• In PMP 8400 build, while importing users from an OU in AD, automated email notification was sent to all the imported users. This has been fixed. Password Manager Pro Release 8.4 (8400) (February, 2016) New Features: • Launch Direct Connection With Remote Databases: Provision to launch a direct connection to remote databases from PMP web-interface and execute CRUD queries without deploying any database query tools. In addition, shadow the session in parallel and chat with other admins/ users present in the session. • VNC Support for Collaboration: Provision to remotely access and take control of resources using VNC. By this way, administrators get direct access to the remote machine and could collaboratively work with other users.

• Launching Administrative Console Session using RDP: Provision to launch an administrative console session with remote resources using RDP. Enhancements & Bug Fixes • Earlier, there were some scrolling issues in the SSH console. This has been fixed with a new interface.

• Earlier, AD User Sync feature was available only for Enterprise Edition. Now, this feature is available in all editions. • Security Best Practices Enforcement • Option to disable local authentication when AD/LDAP authentication is enabled.

• Password Manager Pro will enforce password reset in the following scenarios: 1. Change the login password after first login to PMP 2. When username itself is used as the password.

After exercising the forgot password option. • When two-factor authentication is enabled globally, all new users who are imported/synced from AD/LDAP will have two-factor authentication enabled by default.

• Earlier, password administrators also had the privilege to mark any password policy as the default policy. Henceforth, only administrators will have the privilege. Password Manager Pro Release 8.3 (8303) (December, 2015) Enhancements & Bug Fixes • Automatic synchronization of Active Directory OU details did not work in the following scenario: When users / resources belonging to a sub-OU are imported into Password Manager Pro, the synchronization for the same did not work after a subsequent import operation from any other OU or sub-OU.

This has been fixed. (Affects only those who started with PMP from build 8200 or later. Customers using previous versions and the ones migrated to latest versions from builds prior to 8200 are NOT affected). • Provision to use a named instance of MS SQL server as the backend database for PMP. This is supported in all scenarios - using MS SQL server as the backend database afresh, and when upgrading from PostgreSQL or MySQL to MS SQL.

• Earlier, there were issues in loading audit trails when the page contained a large amount of data. Performance enhancements through optimizing SQL queries now result in showing the data 10 times faster.

Displaying about 1 million audit records now approximately takes two seconds. In addition, you can now filter audit trails from primary and secondary servers and view them separately Password Manager Pro Release 8.3 (8302) (November, 2015) Enhancements & Bug Fixes • Option to enforce password policy for personal passwords. • Option to enforce users to guard their personal passwords with a passphrase, which will be used as the encryption key for storing the personal passwords. • Option to map username between PMP and Radius two-factor authentication service.

This helps simplify user management. • A new report to capture the list of users who are not part of any user group. Password Manager Pro Release 8.3 (8301) (October, 2015) Bug Fix: • In PMP build 8300 (only for the users who upgraded from earlier builds), search and sort did not work in some table views in the GUI.

This has been fixed. • When auto logon for web apps had been configured through PMP bookmarklet, certain web sites and application do not allow auto submission of credentials for automatic login. To handle such cases, provision has now been made only to auto-fill the details. Submission can be done by the users. This can be configured from Resource >>More Actions. • Email notifications sent from PMP for password retrieval and change events did not contain the reason field.

This has now been fixed • Earlier, when PMP web interface is launched in Internet Explorer, the login name of the custom categories created as part of 'Personal tab' were not getting displayed. This has been fixed. • In PMP v6902, when access control workflow had been enabled, when a user checks-in a password after exclusive use, it was not being reset. This has been fixed now. • When using global search in PMP with PostgreSQL as backend database, extended ASCII characters typed as search strings were not getting displayed. This has been fixed. • Earlier, when PMP web interface is launched in Internet Explorer, there were problems in playing back the RDP sessions recorded by PMP.

This has been fixed. • Earlier, there were issues in generating custom reports with User Audit as the base. This has been fixed. • Earlier, the alerts on the status of High Availability (in PMP with MySQL as backend database) were not being sent.

This has been fixed. PMP Build 6904 (Nov, 2013) Bug Fixes • In PMP v6903, when access control workflow had been enabled, when a password user checks-in a password after his usage, it was not being reset. This has been fixed now. PMP Build 6903 (Sep, 2013) New Features / Enhancements • RADIUS / RADIUS-Compliant Authentication System for Two Factor Authentication: Option to leverage RADIUS server or any RADIUS Compliant two Factor Authentication system (like Vasco Digipass) for the second factor authentication. • RESTful APIs: PMP now provides RESTful APIs, which help you to connect, interact and integrate any application with Password Manager Pro directly.

The APIs also allow you to add resources, accounts, retrieve passwords, retrieve resource/account details and update passwords programmatically. Bug Fixes • At times, PMP login screen prompted users to enter the password again even when the password entered was correct. This has been fixed now.

• Earlier, there were issues in alphabetically sorting the entries in Resource tab and Home tab (when using PMP with PostgreSQL as the backend database). This has been fixed. • When Access Control Workflow had been enabled, in certain environments, resetting of passwords of Netscreen devices after the end of the exclusive use period was not working. This has been fixed. • In PMP v6902, when a user fails to check-in a password at the end of his usage period, PMP resorted to automatic check-in of passwords, but the password was not being reset. This has been fixed now. PMP Build 6902 (July, 2013) New Features / Enhancements Google Authenticator for Two Factor Authentication • PMP now provides the option to leverage Google Authenticator, a software based authentication token developed by Google as the second factor of authentication.

Already, PMP supports PhoneFactor, RSA SecurID and a one-time, randomly generated unique password as the second level of authentication for two factor authentication. Exporting Resource Groups • Option to automatically export the resources belonging to specific resource groups by creating scheduled tasks.

The data gets exported in the form of an encrypted HTML file. Bug Fixes • In PMP build 6901, there were problems in starting PMP when installed as secondary server in High Availability architecture in Linux machines.

This has been fixed. PMP Build 6901 (June, 2013) New Features / Enhancements • Support for launching PMP web-interface in Internet Explorer 10 • The implementation procedure for 'Custom Listener', which enables providing your own implementation for Password Reset Listener, has now been simplified with the enhancements in the GUI. You need not have to edit the configuration files in PMP manually to enter the details about the implementation class.

These details can now be provided through entries in GUI • Enhancements to bolster the overall security posture of the product Bug Fixes • Earlier, when the administrator had restricted the users from viewing the passwords in plain-text when auto logon had been configured, in certain specific scenarios, there were issues in retrieving passwords even when auto logon had not been configured. This has been fixed. • Restrictions on the usage of weak ciphers in the product PMP Release 6.9 (Build 6900) (May, 2013) New Features / Enhancements • PMP iPhone app is now available for. Facilitates secure retrieval of privileged passwords and approval of access requests on the go. Provides offline access to privileged passwords too.

• 'Custom Listener', a new feature that enables you to provide your own implementation for Password Reset Listener. With the provision to have your own listener implementation class (instead of just letting PMP execute the listener script provided by you), Custom Listener offers complete flexibility to execute any post password reset follow-up action. • Provision for remote password synchronization of VMware ESXi resources through VMware vCenter API. Bug Fixes • Earlier, Active Directory User GUID check wan not included in AD authentication. This is included now.

• Administrators and Password Administrators can now filter and view all the resources that are owned by them in the 'Resources Tab' by selecting the 'All owned resources' option. PMP Build 6803 (Mar, 2013) Bug Fix • In builds 6800, 6801 and 6802, Password Manager Pro client session launched from Internet Explorer was getting terminated intermittently. This has been fixed.

PMP Build 6802 (Feb, 2013) Changes/Bug Fixes • In builds 6800 and 6801 with PostgreSQL as backend database, the global search did not show results properly for Password Users. This has been fixed. • Users who wish to migrate to PostgreSQL as the backend database from MySQL are now required to download (For Windows) / (For Linux) and then run the migration script. PMP Build 6801 (Jan, 2013) Enhancements/Changes/Bug Fixes • Support for migrating data from PMP running with PostgreSQL as backend database to MS SQL server. Migrating data from MySQL to PostgreSQL is also supported. • Build 6800 did not get installed properly when attempted to install in Linux as root user. This has been fixed.

• In build 6800, in some environments, the high availability status was not properly depicted. This has been fixed. PMP Build 6800 (Dec, 2012) Enhancement/Change • Support for PostgreSQL as backend database. From this version onwards, the product comes bundled with PostgreSQL 9.2.1.

PMP Build 6701 (Oct, 2012) Changes / Bug Fixes • While adding the domain account as a resource, PMP provides the option to select the resource groups for service account reset. For every Windows system present in those groups, PMP will find out the services which use this domain account as service account, and automatically reset the service account password if this domain password is changed. In PMP build 6700, when a Windows domain account was added, the resource groups selected for service account management were not getting saved. As a result, the service account reset for the resources that are part of the selected resource groups did not work. This has been fixed now. PMP Build 6700 (Oct, 2012) New Features & Enhancements Privileged Session Recording • Privileged sessions launched from Password Manager Pro can now be recorded, archived and played back to support forensic audits and let enterprises monitor all actions performed by privileged accounts during privileged sessions. Password Manager Pro enables recording of Windows RDP, SSH and Telnet sessions launched from the product.

Auto Logon for Web Apps • Option for enhanced auto logon to web applications by installing PMP bookmarklet on the browser bookmarks bar. PMP can be setup to auto-fill the login page of web applications with appropriate username/password information, to allow users to login to those apps with just a few clicks, instead of manually entering the information. Manipulating Explorer Tree • Provision to allow admin users to manipulate the entire explorer tree structure in any manner as they wish. Once this is option enabled, PMP creates an organization wide, global explorer tree structure containing the names of resource groups under a root node.

Any administrator in PMP would be able to create/edit the explorer tree structure of resource groups. The tree structure will be accessible to all admins, password admins and end users. Admins and password admins can add their resource groups anywhere into the global tree and the whole structure will be available for view to all the end users. If this option is disabled, users can modify only their portion of the tree.

Password Access Control Report • New report providing complete details about the password access control workflow scenario of your organization. List of resources for which access control has been enabled, resources for which access control is deactivated, resources for which the requests are automatically approved, list of password release requests approved/denied etc are depicted. Changes / Bug Fixes • Earlier, when resources were imported from active directory, certain values like display name, description and location were not properly populated in PMP. This has been fixed. • Earlier, there were issues in adding additional fields (to enter password values) for resource types such as license store, file store and key store. This has been fixed.

• Earlier, there were issues in editing the files that were added through custom fields. This has been fixed. PMP Build 6600 (July, 2012) New Features & Enhancements New Resource Types Support for Remote Password Synchronization • Sun Oracle XSCF • Sun Oracle ALOM • Sun Oracle ILOM • IBM AS400 Super-Administrator as 'Break Glass Account' Provision to keep the super-administrator role as a break-glass account for emergency access to passwords. Hitherto, any administrator could change the role of another administrator (not himself) as super-administrator.

PMP now provides the option to prevent administrators from creating super-administrators. New Resource Types for Remote Password Synchronization • S upport for remote password reset and verification of VMWare ESXi and HP iLO resources Custom Fields • Provision for creating additional fields to store file type input. Upto 4 files of any type can be attached to every resource and every account within a resource Bug Fixes & Changes • The option to restrict the users from exporting passwords in plain-text has been moved from 'General Settings' to 'Admin >>Customize >>Export Passwords - Offline Access' GUI. The option is also available in 'User' and 'User Group' tabs • E arlier, there were issues in displaying custom fields when creating/editing resources. This has been fixed. • In the GUI to create copies of resources/accounts and in the GUI to move accounts from one resource to another, the names of resources and accounts will henceforth be shown in alphabetical order • E arlier, in some specific scenarios (where authentication was required) there were issues in sending emails from PMP.

This has been fixed. • Earlier, in the case of auto logon helper (browser plug-in deployment model) there was an issue in launching direct connection to target systems. This has been fixed. • Earlier, there were issues in launching PMP web-interface in Firefox 11. This has been fixed.

PMP Release 6.4 - Build 6404 New Features / Bug Fixes / Changes • Automatic Approval in Access Control Workflow Provision for automatic approval of password access requests. Users need not have to wait for approval by authorized administrators while going through the access control process. • RADIUS Server Authentication RADIUS server can now be integrated with PMP for leveraging RADIUS authentication. • List of Super Administrators List of all super administrators will be displayed in the information bar to all administrators, password administrators and auditors PMP Release 6.4 - Build 6403 Bug Fixes / Changes • Invoking auto logon helper in turn downloads a browser addon file. The SSL certificate that ensures trustworthiness of the addon has now been renewed.

• Earlier, user group activity report was not displayed properly on the dash board. This has been fixed. PMP Build - 6402 New Features / Enhancements. • Dual encryption of passwords and files for extra security. MS SQL Server as Backend Database • Support for MS SQL server as the backend database in PMP. PhoneFactor Authentication • ManageEngine has partnered with PhoneFactor, the leading provider of phone-based two-factor authentication for two-factor security for Password Manager Pro.

Already, PMP supports RSA SecurID authentication and generating a one-time, randomly generated unique password as the second level of authentication for two factor authentication. Smart Card Authentication • If you have a smart card authentication system in your environment (such as US DoD Common Access Card (CAC)), you can configure Password Manager Pro to authenticate users with their smart cards, bypassing other first factor authentication methods like AD, LDAP or Local Authentication. Custom Reports • Support for creating customized reports out of the canned reports and audit reports. You can specify custom criteria and create customized reports as per your needs High Availability • Functional enhancements to High Availability architecture making it more stable and robust Changes & Bug Fixes • Hitherto, when synchronization schedule had been enabled for importing users from Active Directory, changes in email addresses in Active Directory did not get updated in PMP. This has been fixed now • Earlier, as part of automated password integrity check, PMP made three attempts to verify the passwords on target systems.

This led to lockout scenarios due to the IT policy related to failed login attempts. This has been changed now and PMP attempts to check password integrity only once • Option to import resources from Active Directory with fully qualified domain name (fqdn) as the DNS name of the resource • Verify password feature did not work for SYS accounts in Oracle 10g. This has been fixed • Support to populate old password, when attempting to change the password of HP UX resources • Option to specify the time period in minutes up to five digits while granting exclusive access to passwords (when enabling access control workflow) • Earlier, in 'All Passwords' UI, at times, password field was displayed as undefined.

This issue has been fixed • Earlier, when entering a reason for password retrieval had been made mandatory, in some cases, copy to clipboard did not prompt reason column. This has been fixed PMP Release 6.2 - Build 6201 New Features / Enhancements. SIEM Integration • Provision for generating SNMP traps and Syslog messages upon the occurrence of any activity/event - be it password access or modification or any other activity performed in the PMP application. The traps/syslog messages can be sent to the SIEM tools, which can thoroughly analyze these events, correlate them with other network events and provide informative, holistic insights on the overall network activity. Two Flavours of APIs for A-to-A Password Management • Completely revamped provisions for Application-to-Application Password Management, which help eliminate hard-coded passwords in enterprise environments.

PMP provides two flavors of the API - a comprehensive application API based on XML-RPC over HTTPS and a command line interface for scripts over secure shell (SSH), using which any enterprise application or command line script can programatically query PMP and retrieve passwords to connect with other applications or databases. Nested Resource Groups • Option to arrange and maintain resource groups in hierarchical structure (groups, sub-groups) for navigational convenience Password Explorer • 'Home' tab re-arranged in an intuitive way to provide easy access to the passwords owned and/or shared. The explorer contains the following components: • All My Passwords • My Recent Passwords • My Favourite Passwords • Nested Resource Group Tree Remote Password Synchronization for Juniper Netscreen Devices • Support for changing the privileged passwords of remote Juniper Netscreen devices from PMP GUI Templates for Customizing Email Notification Content • By default, PMP has a specific content for the email notification for various password actions. If you want, you can customize the content and have your own content. Export Passwords of Resource Groups • Option to export the passwords of specific resource groups alone Bug Fixes & Changes • MySQL version upgraded from 5.0.36 to 5.079 • Earlier, when there were large number of passwords, loading of the dashboard took some time. This has now been optimized • Earlier, there were issues in carrying out password synchronization / verification using a single account in Linux.

This has been fixed. • Earlier, when Active Directory authentication was enabled, there were problems in logging in to PMP using the local authentication when a AD user was deleted. This has been fixed. • Earlier, when a resource group name contained a single quote, the hierarchical arrangement of resource groups were not properly shown. This has been fixed now.

• Earlier, when the 'Personal Password' option was disabled for a Password User, the Password Explorer view became hidden. This has been fixed now.

• So far, no cipher was explicitly mentioned for encrypting the connection between the two MySQL database instances, used in high availability and live backup scenarios. Evolus Pencil Pdf Export Template. Aromaterapija Knjiga Pdf File. Now this connection is also AES encrypted by choosing the DHE-RSA-AES256-SHA cipher for the SSL channel. • The JDBC connection between the JRE (Java(TM) Runtime Environment) and the MySQL database is now encrypted by default, to eliminate the need to set it up separately. • All user input submitted in the user interface are centrally validated to check for and discard harmful inputs that could cause scripting attacks like cross-site scripting (XSS) irrespective of case of the scripting content.

PMP 6002 - Bug Fixes & Changes • All user input submitted in the user interface are centrally validated to check for and discard harmful inputs that could cause scripting attacks like cross-site scripting (XSS) or SQL injection. • When password policies contained a special character in the policy name, there were issues getting the policy work after editing it. This has been fixed now • Earlier, the 'verify password' operation failed for Linux and HP-UX target systems in certain environments. This has been fixed • Earlier, the custom fields for accounts did not support special characters in name. This has been fixed • Earlier, administrators were permitted to allow exclusive password access to a user for a maximum of 99 hours. Now, it has been modified to enter three-digit figures (in hours) • In PMP 6001, while carrying out high availability setup, there were issues in creating the replication pack.

This has been fixed • Earlier, in PMP high availability set up, the /mysql/data folder was growing in size. This has been fixed PMP Release 6 New Features / Enhancements.

Password Access Control Workflow • Support for password request-release workflow to enforce enhanced access control in the product. The user, who requires a password, will have to 'request the release' and one or more administrators will authorize the request. Password will be made available for the exclusive use of the user for a stipulated period of time. It will be automatically reset thereafter and the user will thereby forfeit the access.

Two-Factor Authentication • Option to enforce users to identify themselves with two unique factors through two successive stages before they are granted access to PMP web-interface. While the existing authentication mechanism of PMP (native authentication / AD / LDAP) will be the first authentication factor, the second authentication factor could be either a unique password generated by PMP and sent through email or RSA SecurID one-time token, which changes every sixty seconds. For RSA part, PMP has entered into a technology partnership with RSA, The Security Division of EMC (NYSE: EMC). Firefox 3 Plug-in • PMP plug-in for Firefox 3 to enable copying of passwords to the clipboard and to invoke various operating system commands for automatically logging-in to target systems.

Flash 10 Support • Support for copying of password to the clipboard when Flash 10 is used in conjunction with Firefox Remote Password Reset • Option to enter administrator credentials for resources / resource groups in bulk to configure password reset for target resources with ease Password Policy • Support to specify a password policy for many resources / resource groups at one go PMP Login GUI • If you have users from various domains, the PMP login screen will list-down all the domains in the drop-down. For ease of use, you may specify the domain used by the largest number of users or the frequently used domain in 'General Settings'. Once you do so, that domain will be shown selected by default in the PMP login GUI New OS Support • Support for installing PMP in Windows Server 2008 Changes/Bug Fixes Importing Resources • Earlier, when importing resources, if the list of resources imported by you contains any of the already existing resources, they were ignored and not added to PMP.

Now, option is provided to override this rule. Resource Type • PMP supports managing the website login credentials. For ease of use, a new default resource type named 'Website Account' has now been added Active Directory Integration • When users are imported from domain, by default, email notification is sent to all the imported users.

Now, an option has been provided to disable the Email notification. • Earlier, if the password of the users imported from Active Directory contained special characters such as &,%, authentication failed. This has been fixed. Reports • PMP carries out periodic checks to ascertain if the passwords stored in the system and the ones in the actual resource are in sync with each other. The results are presented as 'Password Integrity Report'. Earlier, the integrity check was being done at 1 AM everyday. Now, an option has been provided to configure the integrity check timing.

Single SignOn • Earlier, in IE 7, when Single SignOn was enabled and if PMP login failed, it was not possible to login to PMP with any other user name. This issue has been fixed now. Usage of Single Quote in Email Address • Single quotes are now allowed in the email addresses in PMP PMP Release 5.4 New Features / Enhancements.

Remote password synchronization for MySQL servers and HP ProCurve devices • Support for changing the privileged passwords of remote MySQL servers and HP ProCurve devices from PMP GUI • Periodic password synchronization check with remote resources now supported for MySQL servers and HP ProCurve devices PMP in two editions • PMP is now available in two editions - Standard and Premium. For more details, click. Reports in.xls format • Support for generating all reports in.xls format Changes / Bug Fixes • If the PMP service is run with domain administrator privilege, passwords of all the local accounts in the computer (present in the domain) can be changed without the need for supplying the old password. • While providing authentication details in Mail Server Settings, it is now possible to select an user account already present in PMP. • Option to restrict users from providing their own encryption key for managing personal passwords (as part of general settings) PMP Release 5.1 New Features / Enhancements.

High Availability Support Uninterrupted access to passwords by deploying redundant PMP server and database instances A-to-A, A-to-DB Password Management Support for Application-to-Application/Database password retrieval and management by deploying 'Password Management APIs' Windows Service Account Reset Support for automatically resetting the passwords of associated windows service accounts when the domain account passwords are reset through PMP. • Support for securely storing different file types such as a license key, digital certificate, document, image etc. • Active Directory integration enhanced with provision for importing user groups • Support for filtering and viewing passwords based on resource groups • Provision for searching passwords and creating groups based on custom attributes • Support for enabling windows single sign-on as part of AD integration. Users who have logged in to the windows system using their domain account need not separately sign in to PMP • Default Reports: password details report and password policy compliance report • Option to generate reports in PDF format and to email the same • Support for viewing all attributes of a resource from 'Passwords View' • Provision for 'Live Backup' through replicated database.