Vault Release 16.10.10
Released on Nov 16, 2023
Features
VAUL-6175: Added thousands of popular website logos to the Vault user interface.
The implementation of website logos preserves full zero knowledge encryption and privacy. The entire library of logo files are embedded within the vault application.
KDE-1403: Optional SSO login method through default web browser
If the new "Use Default Browser for SSO" option is enabled from the desktop application menu, the user will be routed to their default web browser on the device in order to login with their configured identity provider.
The primary reason for implementing this feature is to support SSO identity providers who support FIDO2 security keys or other authentication methods that are not technically supported from the Keeper Desktop embedded browser.
For Admins who would like to enforce this to all desktops, a new Enterprise Configuration item called UseDefaultBrowserSSO is available.
DR-265: Ability to specify time zone and hour of day for scheduled password rotations
VAUL-5620: Enhancements for Recently Deleted page
VAUL-5686: Security Audit screen now has a "Last Change" column
VAUL-6138: New "Advanced" settings menu which contains the following features:
Search overlay controls
Syncing delay to improve overall performance in high volume enterprise tenants
Showing numbering in the record list view
Bug Fixes
VAUL-6135: Currently only owner and share admin can update permissions, add/remove users, set/update expiration timers. User with can_share right should be also able to manage users up to its own level of privilege.
VAUL-5659: Multiple Record Selection is not working in Deleted Items
KDE-1421: Records created while in offline mode are not syncing properly when going online
KDE-1373: KeeperFill for Apps Window opens in wrong location when tray is not in visible dock
KDE-1395: Memory leak on Mac App from repeat launching through cmd+tab, clicking the dock item, etc. This leads to unintended event handlers being enabled.
VAUL-5675: User is not able to delete forever a Lost Record shared via Shared folder from Lost Access
VAUL-5737: Missing 'Add to My Vault' button for records details panel in Lost Access tab
VAUL-6009: If you have a role enforcement set to restrict all record types in the vault, the import option during onboarding is now hidden.
VAUL-6083: Filename not being added to title when drag-and-drop attachment in Chrome/Edge
VAUL-6204: Import from Thycotic / Delinea Secret Server missing notes field and SecretTemplates section
VAUL-6213: Record title auto-suggestion not working when there are multiple words
VAUL-6214: Date formatting error when Arabic language selected
KDE-1411: On Mac, keyboard layout is cached on first use. When filling a password with KeeperFill for Apps on Mac, a map of key codes to character mappings is generated and cached. This cache is not released when the keyboard layout changed with the app running, resulting in incorrect key codes being sent for some characters.
KDE-1422: The "Create Record" hot key is turned on when the app is initially not in focus, preventing that hotkey from being used by other apps.
KDE-1385: KeeperFill for Apps is not able to detect secure fields when a record uses the "native app filler" field type.
KDE-1426: After importing files, KeeperFill for Apps doesn’t show the records. This leads to assertion failures with BreachWatch data which require record keys to decrypt the data.
Security Updates
VAUL-6170: Security improvements using CryptoKey storage on Firefox browsers for device keys
VAUL-6179: Convert ECIES-encrypted Record Keys to Data Key-encrypted Record Keys upon login.
KDE-1406: New desktop app installs will now store device private keys in the Apple Keychain or Windows Credential Locker instead of Chrome CryptoKey local storage, for improved security for native app installation. Existing keys will not be transferred until a reset takes place.
KDE-1412: Upgraded Electron platform to v26.2.4. This was actually released to production already in version 16.10.9 on a standalone basis.
Other Improvements
KDE-1417: When filling into a remote desktop session using mstsc.exe, incorrect characters are used with a different keyboard layout than the host machine.
VAUL-6219: Improved the automatic team-user approvals upon logging in. This new method handles a large number of pending users.
VAUL-6200: When viewing a deleted record, file attachments cannot be downloaded until the record is restored.
DR-348: Hide or gray out "Rotate now" button on modifying rotation settings
VAUL-5926: Shared Folder and Direct Share screens will only list those Share Admins who are explicitly shared to the object, to reduce confusion.
VAUL-5738: Allow free trial users to view record history
VAUL-6128: Show long folder names on-hover
KDE-1399: Return focus to previous app/window when KeeperFill for Apps is closed
508 Compliance: Over 20 tickets related to 508 compliance / ergonomics improvements
VAUL-5875: Create Duplicate UI changes to support various use cases:
If privacy screen is enabled, do not allow duplication
If a user duplicates a record that has linked records such as address or payment records, allow duplication of the record, disallow duplication of linked records, and present a notification: “The record you are duplicating contains links to other records. The linked records will not duplicated.”
If a user duplicates a record that has attachments, allow duplication of the record, disallow duplication of the attachment, and present a notification: “The record you are duplicating contains attachments. Attachments will not be duplicated. In order to duplicate attachments, download the attachment from the original record and re-upload to the newly created record.”
KDE-1414: New font type "Outfit" to replace "Overpass". This is Keeper's new font that is being slow-rolled across all platforms and interfaces.
Known Issues
Migrating from LastPass using Okta SSO saying "Import Error"
In the Okta Admin portal under Applications, locate your "LastPass Okta Login" application. Under the "Sign-in redirect URIs" section, add the following URI: http://localhost/
then click "Save".
Last updated