We are pleased to announce the release of the Curity Identity Server 6.6.
The new opt-in Multi-Factor Authentication (MFA) action allows users to enhance the protection of their accounts by adding additional authentication actions to the log in process. When configured, users can add SMS, WebAuthn, Duo, or any other option to their log in. This additional identity check will be executed whenever they log in. It supports recovery codes and other management options in case the user loses their extra credential.
The number of database calls was reduced for some common use cases. For instance, session storage for log-in using the form authenticator was minimized. Database access was also optimized for introspection. These improvements should result in a speedup for many customers.
Sensitive credentials used by LDAP, database, and HTTP clients are now encrypted as soon as they are committed into the running configuration. As a result, exporting the configuration as XML or viewing it in the CLI or RESTCONF will only show encrypted configuration. The UI has been enhanced to reveal the original value when the admin is authorized to do so.
Read the release notes for more details.