In the new version of the browser extension, we have made it possible to set a mandatory PIN code for all users and improved its protection mechanism against brute-force attacks, we have enhanced the password search algorithm and introduced a number of UI improvements.
Mandatory PIN code
Now administrators can set PIN codes to be mandatory for all users. If no PIN code is set, users will be prompted to create one when they log in to the browser extension.
PIN code protection against brute force attacks
After each failed attempt to enter a PIN code, the input field will be blocked and cleared automatically. After five failed attempts to enter a PIN code, the extension will log a user out and reset the previously entered host address.
Improved password search while autofilling login forms
Password search to autofill login forms will occur across all passwords available to the user, not just the current domain.
Other Improvements
- Added PIN code request in the save password pop-up window
- Added validation of TOTP secret keys when editing passwords
- Made additional empty fields invisible when viewing passwords
- Improved the extension UI
Bug fixes
- Fixed an issue where users could not select actions for shortcuts, it occurred when user vault access rights were lower than Admin
- Fixed an issue where the Save button in the password editing window became inactive after deleting or changing the TOTP key to an incorrect one
- Fixed an issue where the API request to log out of the session could fail while logging out of the extension
- Fixed incorrect display of the Auto-lock field value when the PIN code is not set
- Fixed an issue with duplicate pop-up windows
The browser extension is available for Google Chrome, Apple Safari, Microsoft Edge, and Mozilla Firefox.