Changelog
Release history for Fortilis. Download the latest version.
Enterprise
- SCIM 2.0 provisioning API — auto-provision and deprovision users from your IdP
- SSO authentication — SAML 2.0 and OpenID Connect with JIT user provisioning
- Enterprise admin policies engine — password complexity, sharing restrictions, export controls, 2FA requirements
- Fill-only permissions — team members autofill shared credentials without seeing passwords
New Features
- Travel mode — stash non-travel items when crossing borders; reversible unlike panic mode
- Browser sidebar UI — full vault browsing in Chrome/Edge side panel with search, favorites, and TOTP codes
- Email alias integration — SimpleLogin, addy.io, and Firefox Relay for registration privacy
- Passkey-first accounts — create accounts with passkey only, no master password required
- Platform passkey API — WebAuthn registration and login with ES256/EdDSA support
AI & Developer Tools
- 5 new MCP tools: search_vault, get_credential, list_credentials, generate_password, get_totp
- Approval prompt before credential disclosure to AI agents
- Rate limiting: max 10 credential reads per minute per agent
- Full audit logging for all MCP access
New Features
- Built-in SSH agent — full protocol implementation with named pipe (Windows) and Unix socket support
- Git SSH commit signing — allowed_signers file generation and one-click git config
- SSH agent desktop UI — status panel, key management, and signing configuration
- Enhanced CLI —
fort ssh start|stop|status|list-keys and fort doctor diagnostics
- Shell completion plugins — Bash, Zsh, Fish, and PowerShell with SSH_AUTH_SOCK auto-set
Security
- Multi-algorithm SSH signing: Ed25519, ECDSA P-256, RSA (SHA-256/SHA-512)
- Session key cache with configurable TTL and automatic memory zeroing
- Per-key agent settings: enable/disable, require per-use approval
New Features
- WebAuthn/FIDO2 passkey support — create and use passkeys stored in your vault
- Web Vault — browser-only access from any device without installing the desktop app
- BYOD sync expanded to all vault item types (passwords, cards, notes, SSH keys, passkeys)
- Browser extension passkey interceptor for automatic passkey fill
- Cloudflare R2 sync adapter
Improvements
- Enhanced browser extension with passkeys tab
- IndexedDB v4 with passkey storage
- Expanded entity sync metadata for all item types
New Features
- Vault health dashboard — aggregate security score (0-100) with category breakdown
- Breach, weak, reused, and old password detection with expandable issue lists
- Health trend tracking over 30/90 days with SVG sparkline visualization
- Bulk password health analysis in Rust backend
- Per-entry health badges in password views
New Features
- Password vault with auto-fill browser extension
- Credit cards, secure notes, identity documents, and secure files storage
- Autofill profiles for web forms
- Certificate lifecycle management
- Dynamic secrets with TTL-based rotation
- Webhook integrations for secret change events
- Backup and restore with encrypted exports
- Panic mode for emergency vault destruction
- Two-factor authentication (TOTP) for vault unlock
- Master password generator with passphrase support
- External password manager integration (1Password, Bitwarden, Dashlane, LastPass)
- Shared secrets with team members via secure links
- Getting Started guide with step-by-step onboarding
Security
- AES-256-GCM encryption with Argon2id key derivation
- Zero-knowledge architecture - encryption keys never leave your device
- Immutable audit log with hash chain tamper detection
- RBAC with Owner, Admin, Member, and ReadOnly roles
- Leak detection scanner for compromised credentials
- Recovery key system for account recovery without master password
- Platform JWT authentication with rotatable secrets
Infrastructure
- Windows NSIS and MSI installers (code-signed)
- Auto-updater with signed update manifests
- CI/CD pipeline with automated builds and tests
- 172 Rust backend tests, 68 frontend tests, 65 browser extension tests
- Unified GDK platform authentication
- Terms of Service acceptance tracking (GDPR compliant)
- Server-side trial activation
- GDPR account deletion support
Developer Tools
- BYOD sync engine (Postgres, MySQL, Google Sheets, S3)
- Agent bridge for IDE plugin integration
- CLI tool (
fort) for secret injection in CI/CD pipelines
- IPC for desktop app communication
- Branch-based secret organization with environment inheritance
- Schema storage and drift detection