Release v2.5.0 - March, 2025
Overview
This release introduces several major features and enhancements designed to improve user authentication and security, streamline admin reporting, and enhance system flexibility.
New Features
Breach Password Integration
This release introduces Breach Password Integration, which protects user accounts by preventing the use of compromised passwords. The feature ensures that users create and maintain secure credentials, reducing the risk of account breaches.
Key Highlights:
Breach Password Validation:
The system checks passwords against a breached password database to prevent users from using compromised passwords.
Implemented Pages:
User Side:
Registration Page
Forgot Password Page
Profile Reset Password
Admin Side:
Create User Page
User Profile
Admin Setting
Report (Table, Notification, Reset Password & Breach Password)
Error Messaging:
Clear and user-friendly error messages are displayed when a breached password is detected, guiding users to choose a stronger password.
Anomaly Detection
We have introduced Fraud Anomaly Detection in Skillmine Auth to enhance security by preventing unauthorized access. This feature works when Adaptive MFA is selected in MFA settings and verifies user identity based on login patterns.
Key Functionalities:
Direct Findings:
Compares with the last logged-in user agent (device) and location.
If there is a mismatch, Multi-Factor Authentication (MFA) is triggered for the user.
Prediction Findings:
Analyzes user login behavior based on three parameters:
User Agent Check: Compares with historical device usage.
Location Check: Monitors if the login is from a new or suspicious location.
Time Range Check: Detects unusual login times.
If any one of these conditions is met, the system sends a security notification to the user.
Continuous Monitoring:
Every login attempt is evaluated using Direct Findings and Prediction Findings to detect potential fraud.
User Notifications & Actions:
If an anomaly is detected, the user will receive an alert message:
"If you logged in, please click here to confirm. If you did not, please click here to deactivate the current session and block future logins from this device."
If the user confirms the login, future logins from the same device, location, and time range will not trigger MFA.
If the user blocks the login, the system terminates the session and prevents future logins from the flagged device.
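The decision flow described in this section, sketched as an added example; it is not Skillmine Auth's code. The names Login, UserState, evaluate, confirm and block are hypothetical, and three behaviours are assumptions the release notes do not specify: a "time range" is a 6-hour bucket of the day, a user with no login history gets MFA, and a confirmed login joins the history.

```python
from dataclasses import dataclass, field

BUCKET_HOURS = 6  # assumption: a "time range" is a 6-hour bucket of the day


@dataclass(frozen=True)
class Login:
    user_agent: str
    location: str
    hour: int  # 0-23

    def key(self):
        return (self.user_agent, self.location, self.hour // BUCKET_HOURS)


@dataclass
class UserState:
    history: list = field(default_factory=list)    # accepted logins, oldest first
    confirmed: set = field(default_factory=set)    # keys the user confirmed
    blocked_agents: set = field(default_factory=set)


def evaluate(state, attempt):
    """Apply Direct Findings and Prediction Findings to one login attempt."""
    if attempt.user_agent in state.blocked_agents:
        return {"allow": False, "mfa": False, "notify": False, "reasons": ["blocked_device"]}
    if not state.history:  # assumption: no baseline is treated as a mismatch
        return {"allow": True, "mfa": True, "notify": False, "reasons": ["no_baseline"]}
    last, direct, predicted = state.history[-1], [], []
    # Direct Findings: compare with the last logged-in user agent and location.
    if attempt.user_agent != last.user_agent:
        direct.append("user_agent_mismatch")
    if attempt.location != last.location:
        direct.append("location_mismatch")
    # Prediction Findings: compare with everything seen historically.
    if attempt.user_agent not in {h.user_agent for h in state.history}:
        predicted.append("new_user_agent")
    if attempt.location not in {h.location for h in state.history}:
        predicted.append("new_location")
    if attempt.key()[2] not in {h.key()[2] for h in state.history}:
        predicted.append("unusual_time")
    # A combination the user already confirmed does not trigger MFA again.
    mfa = bool(direct) and attempt.key() not in state.confirmed
    return {"allow": True, "mfa": mfa, "notify": bool(predicted), "reasons": direct + predicted}


def confirm(state, attempt):
    """User clicked 'confirm': remember the combination and accept the login."""
    state.confirmed.add(attempt.key())
    state.history.append(attempt)


def block(state, attempt):
    """User clicked 'deactivate': refuse future logins from this device."""
    state.blocked_agents.add(attempt.user_agent)
```

Keeping the two finding types separate shows why a login can trigger MFA without a notification: switching back to a known device differs from the last login but is not new historically.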
Adaptive Authentication
We have introduced Adaptive Authentication to enhance security while providing a seamless user experience. This feature dynamically adjusts authentication requirements based on risk factors such as user behavior, device, location, and login patterns.
Enhancements
Reset Password Link Sent as Per Flow Settings
We have introduced a new enhancement in Blueprint → Customize Users Password Reset Behavior, allowing administrators to configure how users receive the password reset link based on flow settings.
New Option: Notification Preference
Added a Notification Preference setting under Password Reset Behavior in Blueprint customization.
Administrators can now select how users should receive the password reset link.
Two Notification Options Available:
Email
SMS
User Experience Enhancement:
When an admin enables both Email and SMS options, users will be prompted to choose their preferred method when requesting a password reset.
Based on the user’s selection, the reset link will be sent via the chosen method (Email or SMS).
Admin Configuration Steps:
Navigate to Blueprint → Customize Users Password Reset Behavior.
Enable the Notification Preference setting.
Select either Email, SMS, or Both as available options.
SAML Logout Request Handling from IdP
Skillmine Auth now supports SAML Logout, ensuring that when an Identity Provider (IdP) initiates a logout request, all active sessions for the user are properly terminated across connected applications. This enhancement improves security and session management by enforcing a consistent logout experience.