PistolStar, Inc. engineers have released a new version of PortalGuard v5.5 that introduces nine new features! With new feature requests from customers as well as growth in the software industry, we are determined to keep PortalGuard an up to date leader in password security management.
New updates and Features – PortalGuard v5.5
1.Google reCAPTCHA
For end-users and administrators alike, one of the most obvious additions to PortalGuard with version 5.5 is Google reCAPTCHA v2.0 Support. Google reCAPTCHA V2.0 is an alternative option to the hard to read letters found in the more common v1 reCAPTCHA codes. For accessibility, ReCAPTCHA v2 also provides an audio option for visually impaired users. The CAPTCHA technology is another layer protecting automated bots from accessing your website and apps.
2.Group Authorization for the PortalGuard Help Desk Console
Older versions of the PortalGuard Help Desk Console only allowed access to be authorized via username. As a result, LDAP group membership or SQL-based user repositories could not be utilized for authorization.
In order to streamline the process and improve both usability and functionality, PortalGuard v5.5 adds support for authorization using group and OU/container membership.
NOTE : With this enabled, you will be able to enter LDAP groups or OUs for Global Admins, as well as within the Authorized Users fields in Help Desk regions.
3.Limit User Actions in Help Desk Regions
The latest version of PortalGuard enables more granular control within the PortalGuard Help Desk Console. Specific users that have access to the Help Desk console can now be restricted to performing a subset of available actions. This allows you to delegate admin responsibilities to users that shouldn’t necessarily be performing these activities for an entire repository.
4.End-User Opt-In for Two-Factor Authentication
For a large swath of users, PortalGuard two-factor authentication may be too strict. With end-user opt-in for Two-Factor Authentication, PortalGuard allows you to leave username and password based logins as a default. The end-user will have the option of opting in for multi-factor authentication if they choose to.
This feature can be enabled in two different ways:
4.1 Self-Service Phone Enrollment
4.2 PortalGuard Account Management Page “Enable/Disable Multi-Factor”
5.Real-time Password Complexity Rule Checking
This feature provides users with additional information on how the new password complies with the configured password policy. By having the rules check off as they are completed, users experience a smoother password creation process – prior to this update, the end-user only saw the rules after their proposed password was rejected.
6.Automatic Session Timeout
PortalGuard uses sessions to maintain knowledge of a user’s identity. However, these sessions will timeout after a configurable duration of inactivity. This new feature automatically returns end-users to the PortalGuard login screen if their session with the PortalGuard server ends while they’re on a PortalGuard page. This will allow for more effective password security when using PortalGuard while preventing unauthorized access to an authorized user’s account.
(Only available for PortalGuard Account Management and SSO Jump pages)
7.Allow Default OTP Override for SSPR
Prior to v5.5 administrators were only able to give end-users the option of choosing their default OTP method for web-based or RADIUS logins that require multi-factor authentication. Administrators are now able to provide this choice to users for all three Self-Service actions:
Account Unlock
Password Reset
Password Recovery
When enabled, end-users can adjust their default OTP delivery method in the “OTP Delivery Methods” section of the PortalGuard Account Management page. Clicking the “Change” link displays a drop-down of all enabled OTP methods for which the end-user has already enrolled. This allows the end-user to adjust settings based on personal preference. Providing multiple options for configurations improves user adoption for any software solution. End-users are much more likely to utilize new software if it conforms to their established preferences.
8.Historical Strike information in Admin Dashboard User Details
PortalGaurd v5.5 updates the admin dashboard to provide additional login strike information. This feature provides admins with the ability to see more details about the last ten failed login attempts for a specific user (time, IP address, and web browser). This allows Admins to be more alert for any unauthorized activity.
For more information on current and past updates by version visit our Wiki