You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.

Looking for the Diagnostic Utility?

Click Here For Download and Usage Instructions

PortalGuard v3 Change Log

PortalGuard Version 3.x

2014-03-27 - v3.5.3.3

  1. More flexible SQL authentication:
  2. Hash encoding: base64 (default), hex UPPER, hex lower
  3. Prepend (default) or append salt
  4. Use chars instead of bits
  5. Salt encoding

2014-03-07 - v3.5.3.2

  1. New options for self-service utilization of mandatory answers.

2014-03-05 - v3.5.3.2

  1. Now showing remembered sessions in Acct Mgmt if KBA is used

2014-03-04 - v3.5.3.2

  1. Allowing batch import to set mandatory answers alone (which will clear optional challenge answers if they are not submitted)

2014-02-24 - v3.5.3.1

  1. Changed default type-ahead filter for global HD for OpenLDAP (via "Oracle/Sun" LDAP type) to NOT use the "(!objectclass=computer)" clause.

2014-02-18 - v3.5.3.1

  1. Add configurable PG_SIP "wait" param in milliseconds ("-w XXXX" on command line)
  2. Support for pre-hashing OpenLDAP password changes (SunONE type only)

2014-02-16 - v3.5.3.0

  1. Scheduled email expiration reminders for SQL-based PG profiles

2014-02-13 - v3.5.3.0

  1. Configurable YubiKey OTP validation server URL

2014-02-10 - v3.5.3.0

  1. Support for validating multiple phone formats in _PG_Countries.xml (NOTE: ALL formats are currently returned as a single XML value)
  2. Scheduled email expiration reminders for file-based PG profiles only

2014-02-05 - v3.5.3.0

  1. Changes to CPSLog class so TTTEnrollment.exe will NOT use CPSGlobalConfig but will still use CPSFileAccessor.
  2. Fixes to allow SSPR with Mandatory only vs. Optional only settings

2014-01-28 - v3.5.3.0

  1. "Remember browser" for KBA
  2. Require multiple challenge answers for KBA

2014-01-17 - v3.5.3.0

  1. Fix for allowing email changes from Acct Mgmt page (regression from v3.5.2.8)

2014-01-14 - v3.5.3.0

  1. for email confirmation

2014-01-14 - v3.5.3.0

  1. Support for sending account lockout notifications to user & extra accounts

2014-01-09 - v3.5.3.0

  1. Support for sending SSPM notifications to extra accounts

2014-01-09 - v3.5.2.11

  1. Support for 2FA via TMG's "RADIUS OTP" auth method that only performs a single RADIUS request. We're ensuring the pw field that comes over contains the pw & OTP delimited by "||||||" currently.

2014-01-03 - v3.5.2.10

  1. Fix to prevent resending OTPs that are expired (or about to). New OTPs are now generated when less than half an existing OTP's life exists.

2013-12-09 - v3.5.2.9

  1. Normalizing user and domain values for actions performed under Native Windows Authentication (UPNs are resolved to AD domain and sAMAccountName!)

2013-12-04 - v3.5.2.8

  1. Preventing email enrollment during login if already enrolled

2013-11-12 - v3.5.2.7

  1. Added ability to unlock accounts in Oracle Internet Directory
  2. Supporting groups for Oracle LDAP [filter was already correct: (&(uniqueMember=%s)(objectclass=groupOfUniqueNames))]

2013-10-31 - v3.5.2.6

  1. Preventing phone enrollment during login if already enrolled
  2. New option for completely preventing phone enrollment during login (done from Acct Mgmt)

2013-10-28 - v3.5.2.5

  1. Updated CPSLDAPAttribs to handle base64 encoded binary results and GUIDs as string

2013-10-23 - v3.5.2.4

  1. Account Management now displays linked accounts
  2. Better data returned in Admin Dashboard user lookup:

2013-10-19 - v3.5.2.3

  1. Checking OTP in AgentLogin if provided (prevents redundant OTP entry after SS enrollment)
  2. Support for SASL/Kerberos login for AD-based LDAP (satisfies LDAP signing security requirement if enabled in DC GPO)

2013-10-16 - v3.5.2.2

  1. Fix for native windows login using UPN

2013-09-23 - v3.5.2.1

  1. Now doing case-insensitive username checking during regional HelpDesk authorization

2013-09-19 - v3.5.2.1

  1. SQL repository support for SHA256, SHA384 and SHA512

2013-09-19 - v3.5.2.0

  1. Google Authenticator support

2013-09-17 - v3.5.1.9

  1. New repository option to perform account unlock against PDC (Native_UnlockOnPDC=1)

2013-09-16 - v3.5.1.8

  1. Made RBA/SQL event logging no longer dependent on file paths! (customer separated the log and policy folders to different parent dirs so it was throwing an error)

2013-09-16 - v3.5.1.7

  1. Support for SQL Native Client driver (XML columns weren't properly accessed previously)

2013-09-11 - v3.5.1.7

  1. Fix in CPSDate::set(tstring) for "date only" values. Now passwords expire on the proper day (instead of the day after) and grace periods are correctly enforced

2013-09-06 - v3.5.1.6

  1. Added optional proxy configuration (server, exceptions, user, password) to HTTP client class

2013-08-29 - v3.5.1.5

  1. Added 2FA option to PassiveKey enrollment

2013-08-26 - v3.5.1.5

  1. Leading/trailing and contiguous spaces were being removed automatically, preventing validation through checkAllCreds (would've been a problem in RADIUS login too).

2013-08-20 - v3.5.1.4

  1. New option in PG HelpDesk pw reset to expire the new password (checked by default)

2013-08-13 - v3.5.1.3

  1. Allowing change of challenge answers even when ERB is to be built (requesting and validating password)

2013-08-12 - v3.5.1.2

  1. Allowing user override of default OTP type for VPN
  2. Added custom text/prompt when PK is default VPN OTP

2013-08-07 - v3.5.1.1

  1. Support for PassiveKey TOTPs via VPN

2013-08-02 - v3.5.0.7

  1. Checking for duplicate emails on email registration/change

2013-07-30 - v3.5.1.0

  1. Support for Desktop 2FA auth types

2013-07-29 - v3.5.0.6

  1. Support for hex encoding in {RANDSTR()} function: HEX_UPPER and HEX_LOWER

2013-07-25 - v3.5.0.5

  1. Option for updating email address in LDAP when changed through PG
  2. New "AgentGeneral" subclasses

2013-07-24 - v3.5.0.4

  1. Adding self-registration for SQL repositories

2013-07-19 - v3.5.0.3

  1. Returning original self registration POST data for SelfReg email confirmation for any custom .NET uses

2013-07-05 - v3.5.0.2

  1. Adding self-registration
  2. Fix for ensuring "email enrollment" template is used for periodic email confirmation

2013-07-01 - v3.5.0.1

  1. Now setting PGAnonSess, PGSession cookies as "secure" if request was made over SSL
  2. Adding support for detecting when SSL proxies are in front of PG server with non-standard MS header, "Front-End-Https: on"

2013-06-27 - v3.5.0.0

  1. OTP dialog error for SSPM w/ 2FA when printed OTP was default (did not occur for phone or email)

2013-06-25 - v3.5.0.0

  1. Adding event record elements for SSPM redesign, Account Management actions & 2FA enrollment and use
  2. No longer ignoring/dropping HTTP cookie creation/deletion if we have a same-named cookie - newer one wins.

2013-06-19 - v3.5.0.0

  1. Allowing account linking (pw sync) to secondary SQL repositories

2013-06-13 - v3.5.0.0

  1. Allowing account linking (pw sync) to secondary SQL repositories
  2. Multiple primary repository support
  3. Tweaked HD user type-ahead to work regardless of repository type
Page last modified on August 10, 2016, at 05:08 PM
  • 39
  • 19-Jun-2018