In case you hadn't heard, we will be upgrading our platform (Centrify Identity Service and Centrify Privilege Service) to version 17.1 this weekend (Saturday, January 14th). The complete list of new features is available in the release notes, but as always I will tell you about my favorites here:
After a successful beta of our Form-Filling, I am happy to announce that Form-FIlling is now generally available. In case you missed the earlier announcements, Form-Filling is the ability for Centrify to log a user into a username and password application when the user goes directly to the app (instead of clicking on the tile in the User Portal). This feature is analogous to the SP-Initiated login flow for SAML apps. I've been using the feature personally for the past several months, and really love how it's made me more productive and has improved my account security. I've added all of my personal apps to Centrify, and when I did that, I created complex and random passwords that I actually don't remember. Now, I never type in passwords for my personal apps, I simply go to my personal app, and click the Centrify logo to login!
Form-filling is now generally available and supported on the following browsers:
Our development team is hard at work building these capabilities for Safari, so stay tuned for future updates on that!
This release also has several improvements to our mobile offering. We've updated our mobile app to support 3D Touch on iOS and App Shortcuts on Android. On these devices, a long press of the Centrify app icon will bring up a menu with the following options:
- Send MFA Code (Mobile Authenticator)
- The last 2 apps used
While the above is simply a convenience feature, we've also added a couple of great security features for mobile:
- Force Fingerprint for Mobile Authenticator. As it sounds, Admins can now set policy requiring users to provide a fingerprint when using Mobile Authenticator. This is an added security measure so that access is only granted to the rightful owner of the device when using Mobile Authenticator. (NOTE: currently available on Android devices only)
- Remediation Actions for Unreachable Devices. Admins can now set policy to take actions (lock or unenroll) on managed devices that are no longer reachable. You can think of this as a "poison pill" set on the client to take action if it does not successfully "phone home" within a specified period of time.
We hope you enjoy these new features and look forward to hearing your feedback!