Admin Console 13.1
Release date: January 17, 2019.
Enhancements & Benefits
This release contains several new role enforcement policies, visual improvements to the role enforcement policy section, additional refinements for existing role policies, and bug fixes to address known customer issues.
Custom Logout Timers
Previously, logout timer enforcements were limited to certain intervals between 1 minute and 24 hours. Now, you can customize the value of the logout timer in increments of minutes. To enforce a logout timer, turn the switch to the ON position and then specify the logout timer setting as seen below.
Note, "Disable email invitations" enforcement policy was also moved into this Account Settings role enforcement policy screen.
Platform Restrictions
By default, access is granted on all role enforcement policies. We have now added KeeperChat platform restriction policies. You may restrict the use of KeeperChat on Desktop and Mobile devices.
Vault Feature Policies
We have added a series of enforcement policies related to features within the Keeper Vault that appear in the "Vault Features" screen. The new policies added are the following:
Prevent users from creating folders
Prevent users from creating Identity and Payment records
Mask custom fields
Mask notes
Mask passwords
Day(s) before records can be cleared permanently
Day(s) before deleted records automatically purge
The screenshot of these policies can be seen below.
Notes:
When masking is enforced on custom fields, notes and passwords, this has the effect of replacing all of the content on the screen with dots as seen below. Clicking on the eyeball icon will display and hide the content within the field.
"Purge Deleted Records" enforcements prevents a user from deleting items in their vault and then immediately purging their deleted records permanently.
Here's an example of a record showing masked password, custom field and notes:
Sharing & Uploading Policies
A new role enforcement policy called "Prevent sharing records with file attachments" has been added. By default, this ability is permitted.
KeeperFill Restrictions
There is now a new screen called "KeeperFill" which controls the behavior of the KeeperFill browser extension for Chrome, Firefox, Safari, Edge and IE.
"KeeperFill disabled for specified websites" is a policy which will completely disable the KeeperFill browser extension on sites which match the list provided. You can add any number of sites to the list of disabled websites, and you can also include wildcard characters. This policy was created to address some websites or internal applications that are not friendly to browser extensions, or which impact the performance of the application.
Master Password Expiration
Similar to the improvements on logout timer settings, the "Master Password Expiration" policy can now be configured with a customizable number of days, instead of selecting from a pre-defined list.
Bug Fixes and Performance Updates
Fixed issue where users can't login to Admin Console with expired account transfer consent status
Sorting issues on several screens
RSA and Duo 2FA related issues
Recent Activity visual date issues
Fixed missing localization strings in certain languages
Known Limitations
This release will initially be supported only by these Keeper clients:
Browser Extensions
12.27 (Chrome, Safari, Edge, Firefox)
12.30 (Chrome, Safari, Edge, Firefox, Internet Explorer)
Keeper Web Vault
Coming soon...
All role enforcement policies will be fully supported on the following clients in upcoming releases:
iOS 14.2
Android
Surface
Microsoft Desktop application
Last updated