Version v7.5.7 (Stable)

With KeePass Client v7.5.4

Release Date

Jun 27th, 2016

These Release Notes detail the differences between this release and the last Stable version (7.3.7).
For information about the "Latest" versions in between, see Older And In-between Versions.

Download Here

Upgrade Instructions

New Module: Reset Users

  • Pleasant Reset Server is available as a stand-alone product or as an addition to Enterprise+ and Enterprise+SSO. Reset Users do not need Pleasant Password Server accounts to reset their Active Directory / LDAP passwords.
  • Active Directory / LDAP password resets made easy: no need to tie up administrative staff when users forget their passwords.
  • Active Directory / LDAP users can now reset their own passwords right from the Windows login screen, or via the Web Client.
  • See our Reset Users documentation for more information.
  • Vist our Online Store to add Reset Users to your license.

New Module: MSSQL & RDP SSO Servers

  • Allow users to access privileged machines without the passwords ever touching their systems; all they need to know are their logins for Password Server.
  • See MSSQL SSO Server and RDP SSO Server for more information.

New Feature: SSO Session Recording

  • Allows admin to review activities performed while accessing privileged systems through Pleasant Universal SSO.
  • See SSO Session Recording for more information.

New Feature: Radius

  • RADIUS is now a supported Two Factor Authentication method

New Features: Misc

  • New Report: Attachment Report
    • Keeps track of the size and location of files that have been uploaded to Password Server.
  • Added View Security access level option to allow users to view, but not edit the security rules for folders and credentials.
  • Password Server now supports IIS Express 10.


  • Our AD/LDAP integration has been expanded:
    • Nested groups are now supported (Users & Roles > Manage Directories > click Directory name > click Advanced Settings > make sure Get Nested Groups is checked). The roles created when nested groups are imported will not be nested automatically.
    • New OpenLDAP directory type has intelligent presets for OpenLDAP-specific configuration settings (other LDAP implementations are still supported).
    • Directory account information for auto-syncing and performing password changes and resets is now obfuscated in the database.
Note: When you log into Password Server for the first time after upgrading, a page
requesting Directory account credentials may appear. Dismiss it by providing credentials
for an account with at least read access to the Directory.

Prevent this page from appearing by entering these credentials on the Edit Directory
page (Users & Roles > Manage Directories > click Directory name) before upgrading.
  • Password Server now prevents Mozilla Firefox from prefilling saved login information in unexpected places in the Web Client interface.
  • HTTP SSO Server now supports "Basic Authentication" http mode.
  • Various improvements to the clarity of the Self-Serve Reset Challenge configuration interface and related UI.
  • The SSO Server page now displays the public SSH thumbprint of the Password Server so users can be sure they are connecting to the right machine.
  • Moved the Language Selection dropdown from the bottom of every page to the Manage Account page (accessible from the Hello menu in the top-right corner of the screen).
  • Private Folder creation page now only shows users without Private Folders.
  • Entry History details now include the expiration date of an entry if it had one at that revision.
  • Entry History now shows the most recent changes first by default.
  • Added a new timeout notification when a Web Client login expires.
  • Various performance improvements for Web Client and KeePass Client startup.
  • Misc security improvements.

Bug Fixes

  • Various fixes to UI elements in the Web Client and translations.
  • Fixed an issue that could prevent users who have ever modified any credential from being deleted.
  • Database Backups are only being encrypted with the first 256 bits (32 characters) of the encryption key, so we have updated the Backup Configuration UI to reflect this and truncated existing keys to 32 characters.
  • Fixed an issue where the KeePass Client would only save the most recent window-specific custom Auto-Type sequence.
  • Fixed an issue where creating a circular role relationship in which A is a sub-role of B is a sub-role of A would cause a crash when members of A or B logged in.
  • Fixed an issue that could result in manual backups being saved with the wrong encryption key.
  • Fixed an issue in the Enrollment Report where the "Email Configured" and "Two-Factor Configured" columns would always say 'No' if the user did not have a Reset Challenge Policy assigned.
  • Fixed an issue where our KeePass Client's Offline Mode would deny Standard Edition users access to cached entries.
  • Fixed an issue in our KeePass Client where credentials could be deleted if a user tried to move a folder to another folder where they do not have permission.
  • Fixed an issue in our desktop clients that would cause error dialogs to appear to users if their roles were changed while they were logged in.
  • Fixed an issue where the API calls made by the KeePass Client could be identified as attempted attacks by some security software.

Compatibility Notes

  • KeePass Clients v6.0.1 and older will not be able to perform actions that require usage comments, although other functions will continue working. Upgrade the client installations.
  • Internet Explorer 8 is no longer supported in Password Server Version ≥ 7.0.1.