Passwork
Roadmap
Features requests
Changelog

Changelog

Follow up on the latest improvements and updates.

RSS

new

improved

fixed

Passwork 7.0.5

Passwork 7
In the new version, we’ve improved sorting algorithms for vaults, passwords, and shortcuts, extended settings for authorization password policies, and made numerous improvements to the UI and localization.
Improvements
  • Added new settings “Restrict password reuse” and “Password history length” to the authorization password complexity policies
  • Added an option to navigate to the initial password directory from the Recents and Favorites
  • Added tooltips for long group, folder, password, and shortcut names
  • Prevented creation of additional fields with duplicate names or names already used in system fields — identical names with different cases are allowed
  • Improved filters in User management and Activity log
  • Improved the UI, dark theme, and localization
Bug fixes
  • Fixed sorting of vaults, folders, passwords, and shortcuts in Favorites, Inbox, Search, and Bin
  • Fixed an issue where the SMTP password field sometimes displayed “Empty” even though a password was set
  • Fixed an issue where trying to open a password with a lot of characters in the “Password” field prevented cards from opening and users were redirected to the Recents
  • Fixed an issue where a prompt to change the local password sometimes appeared after logging in via LDAP
  • Fixed an issue where the “Master password complexity policy settings” appeared in role settings when the client-side encryption was disabled
  • Fixed an issue where some system notifications were not sent to administrators and users with permission to view them
  • Fixed an issue where manually imported data was reset when returning to data mapping
  • Fixed incorrect display of access levels in the “System settings changed” event
  • Fixed sorting by date in the Bin
You can find all information about Passwork updates in our technical documentation.

new

improved

fixed

Introducing Passwork 7

Passwork 7
In the latest version, we've refined and enhanced every element of our product, making it even more convenient for users and more effective for addressing administrative tasks.
New backend and frontend
We’ve completely rewritten the code using modern methods: improved performance, simplified initial setup, sped up the implementation of new features, and laid the groundwork for developing a desktop application.
Expanded API capabilities
We’ve added a full-fledged API to ensure seamless integration with existing systems and services. Now, you can use it to access all Passwork features — from copying passwords to managing users and security settings.
Updated UI
We’ve redesigned the key sections based on your feedback and fixed a number of flaws, while improving UI personalization and maintaining the familiar workflow.
Custom roles and groups
Instead of just two standard statuses, you can now create an unlimited number of roles with individual permissions and settings. The previous "Roles" have been renamed to "Groups," and access management has been made more intuitive.
Updated vault structure
Instead of organization vaults and personal vaults, users can now create private vaults. A private vault becomes shared only when other users are added to it. Administrators are no longer automatically added to new vaults.
Vault access confirmation
Adding users to groups no longer provides automatic access to vaults — access now requires confirmation from the vault's administrator. Users who gain access to a vault through LDAP synchronization will also need to be confirmed.
Learn more about all new features in Passwork 7 in the article — docs.passwork.pro/passwork-7
To upgrade to version 7.0, you’ll need to update your Passwork to version 6.5, migrate your data, and confirm this in the customer portal. Upgrade instructions can be found here — docs.passwork.pro/migration-v7
⚠️ We recommend exploring the new features and data migration specifics in a test environment before updating your self-hosted version. For testing, you can deploy Passwork 7 on a separate server — this will allow you to review all the changes in the new version without affecting your current working environment.

new

improved

fixed

Browser extension update 2.0.21

Browser extension
In the new version, we have improved autofill, enhanced TOTP code generation, and fixed an issue that prevented notes from being displayed in the password info.
Sign-in and autofill
The extension won't open new tabs when autofilling your credentials on websites with the "Sign in using Passwork" button.
TOTP сodes
Spaces will now be automatically removed when copying or entering values in the TOTP field. Additionally, an issue that sometimes led to TOTP codes being generated incorrectly has been fixed.
Other changes
  • Added tooltips for long titles
  • Added an ability to set colors for folders
  • Fixed an issue that prevented notes from being displayed in the password info
  • Fixed an issue with Passwork tabs closing after terminating the extension session
  • Fixed an issue with spaces being removed in search queries
The browser extension is available for Google Chrome, Apple Safari, Microsoft Edge, and Mozilla Firefox.

new

Browser extension update 2.0.17

Browser extension
In the new version, we have fixed the issue with random logouts, updated the autofill algorithms, and added a notification for expired authorization tokens.
  • Updated autofill algorithms to minimize the number of server requests — autofill window now appears on all websites with a login form
  • Added error notifications for expired authorization tokens
  • Fixed an issue where the extension would unexpectedly log out during background requests
  • Fixed an issue which prevented copying inbox passwords from the autofill window
The browser extension is available for Google Chrome, Apple Safari, Microsoft Edge, and Mozilla Firefox.

new

improved

fixed

Browser extension update 2.0.16

Browser extension
In the new version, we have fixed a number of issues related to autofill, notifications, extension data reset, and increased the delay time before the extension closes after five failed PIN attempts.
  • Fixed the incorrect notification stating that a password has been copied successfully which could appear before a password was saved to the clipboard
  • Fixed the incorrect activation of autofill on websites when no credentials are found in Passwork
  • Fixed an issue where users could not log out of the extension after the API usage restriction was enabled
  • Fixed an issue where a shortcut could be selected in the autofill window even though its password had been removed
  • Fixed an issue where the browser tab with Passwork could automatically close after signing in to the extension
  • Fixed an issue where browser extension data was not reset after its removal
  • Increased the delay time before the extension closes after 5 failed PIN attempts from 4 to 7 seconds
The browser extension is available for Google Chrome, Apple Safari, Microsoft Edge, and Mozilla Firefox.

new

improved

fixed

Passwork 6.4.3

6
  • Fixed an issue where, after moving a password to the Bin, its shortcut could still be used to autofill data via the browser extension
  • Fixed an issue with the incorrect display of role names in the recent actions of a folder
  • Fixed an issue where incorrect data could be displayed on the "History of actions" and "Editions" tabs of the password card
  • Improved overall system security
We recommend updating your Passwork due to security fixes and improvements. The update is available on our customer portal.

new

improved

fixed

Passwork 6.4.2

6
  • Added "norepeats" parameter to the configuration file, which makes it possible to exclude consecutive identical characters when generating a password
  • Added "noavatar" parameter, which makes it possible to disable avatar transmission when performing API requests
  • Fixed an issue with shortcut and password colors that sometimes failed to update until the page was refreshed
  • Fixed incorrect display of some special characters in browsers on Windows
  • Replaced outdated links in the mobile device connection window
  • Improved overall system security
The update is available on our customer portal.

new

Browser extension update 2.0.14

Extension 2
In the new version of the browser extension, we have made it possible to set a mandatory PIN code for all users and improved its protection mechanism against brute-force attacks, we have enhanced the password search algorithm and introduced a number of UI improvements.
Mandatory PIN code
Now administrators can set PIN codes to be mandatory for all users. If no PIN code is set, users will be prompted to create one when they log in to the browser extension.
PIN code protection against brute force attacks
After each failed attempt to enter a PIN code, the input field will be blocked and cleared automatically. After five failed attempts to enter a PIN code, the extension will log a user out and reset the previously entered host address.
Improved password search while autofilling login forms
Password search to autofill login forms will occur across all passwords available to the user, not just the current domain.
Other Improvements
  • Added PIN code request in the save password pop-up window
  • Added validation of TOTP secret keys when editing passwords
  • Made additional empty fields invisible when viewing passwords
  • Improved the extension UI
Bug fixes
  • Fixed an issue where users could not select actions for shortcuts, it occurred when user vault access rights were lower than Admin
  • Fixed an issue where the Save button in the password editing window became inactive after deleting or changing the TOTP key to an incorrect one
  • Fixed an issue where the API request to log out of the session could fail while logging out of the extension
  • Fixed incorrect display of the Auto-lock field value when the PIN code is not set
  • Fixed an issue with duplicate pop-up windows
The browser extension is available for Google Chrome, Apple Safari, Microsoft Edge, and Mozilla Firefox.

new

improved

fixed

Passwork 6.4

6
In the new version, we have added the option to set a mandatory browser extension PIN code for all users, significantly expanded the list of events displayed in the Activity log, improved working with LDAP group lists, and made it possible for administrators to configure user access rights to password history and notifications related to their changes.
Mandatory extension PIN code
Now administrators have the option to make the browser extension PIN code mandatory for all users. If no PIN code is set, users will be prompted to create one when they log in to the browser extension.
History of actions with passwords
With the new ‘Who can view the history of actions with passwords’ setting, it is possible to grant users (with access levels below Admin) the right to view password history, password editions, and notifications of their changes — these features were previously available only to vault administrators.
Logging of all changes related to settings
Now all changes in the Account settings, User management, LDAP settings, SSO settings, License info, and Background tasks are displayed in the Activity log.
Automatic updating of LDAP group list
s
Automatic updating of LDAP group lists can now be configured on the Groups tab in the LDAP settings. The update is performed through background tasks with a selected time interval.
Other improvements
  • Added pop-up notifications when exporting data or moving data to the Bin
  • Improved display of dropdown lists on the Activity log page
  • Changed time display format of the ‘Automatic logout when inactive’ and ‘Maximum lifetime of the session when inactive’ settings
  • Changed the Enabled / Disabled dropdown lists on the System settings and LDAP settings pages with toggles
  • Increased minimum length of generated passwords to six characters
Bug fixes
  • Fixed an issue in the Password generator where selected characters were sometimes missing in the generated password
  • Fixed an issue where local users could not independently recover their account password when an LDAP server was enabled
  • Fixed an issue where local users could not register in Passwork when an LDAP server was enabled
  • Fixed an issue which occurred after moving a folder with shortcuts to another vault and shortcuts not being displayed in the new vault
  • Fixed an issue that occurred when trying to move a shortcut found in search results without opening any vaults right after logging into Passwork
  • Fixed an issue that occurred when trying to copy a password found in search results without opening any vaults right after logging into Passwork
  • Fixed an issue that occurred when a password was sent to another user and remained on the recipient's Recents and Starred pages after the initial password was moved to the Bin
  • Fixed the value in the time field for the ‘API key rotation period (in hours)’ setting which was reset to zero after disabling it
  • Fixed incorrect event logging in the Activity log after changing folder permissions
  • Fixed incorrect text notification about assigning access rights to a user through a role
  • Fixed incorrect tooltip text when hovering over the username of a recently created user
  • Fixed incorrect display of long invitation titles
  • Removed local registration page when LDAP server is enabled
More about the update
⚙️ The update is available on the customer portal

new

fixed

Passwork 6.3.10

6
  • Fixed an issue when logged-out users encountered errors while trying to download an attached file via a link to the password
  • Fixed an issue that prevented users from downloading attached files via a shortcut as they had no access rights to the initial password
  • Fixed an issue that occurred when trying to move a password found in search results without opening any vaults right after logging into Passwork
  • Improved overall system security
Load More