Login for Windows release notes

Note the following compatibility requirements:

  • SecureAuth IdP version 9.3, SecureAuth® Identity Platform release 19.07 or later

  • Biometric fingerprint recognition requires the Identity Platform release 19.07 or later, using the 2019 theme.

  • Transactional logging requires the Identity Platform release 20.06 or later, using the /authenticated endpoint.

Release 21.04

What's new

All of these features are supported only in the Identity Platform release 21.04 or later.

  • New integrated Login for Endpoint configuration page in Identity Platform. Open the new Login for Endpoint page from the Identity Platform user interface to customize your Login for Endpoints user experience. The easy-to-use pages help you set up your operating system, the multi-factor methods, and even personalize your users' experience during authentication. (Existing customers will recognize the options that were manually set in the config.json file in previous releases.)

    To learn more, see Configure Identity Platform and Login for Endpoints

  • New second-factor authentication methods added. You can now choose the following new 2FA methods: PIN and link-to-accept available for both SMS/text and email.

  • Azure AD support. Login for Windows now supports Azure AD domain-joined machines.

Resolved issues
  • CP-924 – Admins can set the Suggests use of an OATH-based method on first login regardless of your Adaptive Policy settings option, which causes a message to display to end users suggesting that they authenticate for the first login by using an OATH-based method. This ensures that they can log in when offline.

  • CP-1000 – Login for Windows supports Azure AD domain-joined machines.

  • CP-1023 – The following error messages have been enhanced to give end users more information about issues: password expired, change password, account locked.

  • CP-1037 – PIN as a second factor works with Login for Mac release 21.04 in the SecureAuth Identity Platform release 21.04.

  • CP-1039 – Link-to-accept as a second factor via SMS/text and email works with Login for Mac release 21.04 in the SecureAuth Identity Platform release 21.04.

  • CP-1167 – After installation where "Suggests use of an OATH-based method on first login regardless of your Adaptive Policy settings" is set and "Bypass interval" is set, when end users first log in, they will no longer automatically see a login page that suggests setting a second factor.