Version 7.0.21 (Stable)

With KeePass Client v6.0.14 (no change)

Release Date

Aug 17, 2015

These Release Notes detail the differences between this release and the last Stable Release (6.4.13). For information about the "Latest" versions inbetween, see Older And Inbetween Versions.


New Features

Web Client

  • Two factor authentication is now supported on both the web client and KeePass client. 
  • Self-Serve Active Directory Password Resets
  • Mac Client: Pleasant Password Server Client is now available for OSX on the  Mac App Store

  • Mandatory Usage Comments: Improves auditability of credential access

    • Allows Adminstrators or those with applicable permissions to require users to provide a comment when performing actions such as modifying a credential or viewing a password.

    • The comments are recorded in the Audit Logs.

    • Refer to Usage Comments for more information.

  • Scheduled Password Auto Changer
    • Schedule automated password changing for your Unix, Active Directory and Open LDAP servers
    • Refer to Password Auto Changer for more information.
  • SSO Proxy support for SSH (Single Sign-On Proxy)
  • Offline Mode via Keepass: It will default to enabled, so upgrading users should disable it if they wish.
  • Time limited access: Access to Entries and Folders can now be Granted with a time limit, allowing temporary access that automatically expires based on an inputted time. Can be as short as an hour.
  • Email Notifications based on Access Levels
    • Allows Adminstrators or those with applicable permissions to setup automatic Email Notifications when a selected Role and/or User carry out Triggering Actions.
    • Adminstrators and Users with applicable permisson are able to customize Notification Triggers that are used to determine which actions or accesses should trigger a Notification. Notification Triggers are capable of being resused.
    • Refer to Setting Up Notifications for more information.
  • New Reports added
    • Access Frequence Report: Displays all User activity on Pleasant Password Server between the inputted dates.
    • Password Expiry Report: Display all passwords that will expire on or before the inputted date. Refer to 
    • Password Age Report: Display all passwords that are older than or equal to the inputted age value (in days). 
    • Load Report: Displays information regarding Pleasant Password Server Usage and server load based on the Logging information.
    • Password Strength: Displays all passwords with a strength below a given threshold.
    • Role Report: See which users have been assigned to which roles, broken down by direct assignment and inheritance through sub-roles.
    • Refer to Reports for more information on the above reports.
  • Skinning: Customization of Web Client with Company Name and Logos is now capable through the Settings Page.
  • Logging to SysLog: Password Server can be configured to log events to a SysLog server.



Version 7.0.8 disallowed the use of ' / ' characters in Folder and Entry names.  Version 7.0.21 contains a database upgrade that will replace the ' / ' characters in existing names with ' \ ' characters. The URLs and password data itself is unaffected


 Web Client

KeePass Client

Bug Fixes

Known Issues 


  • Windows XP and Windows Server 2003 are no longer supported in Pleasant KeePass Client Version ≥ 6.0.1 (because of the .NET Framework ≥ 4.5 requirement). Users of those legacy operating systems should use Client Version 5.0.3 and Password Server Version 6.4.13 (the most recent to support Client Version 5.0.3) until they upgrade.
  • Nested AD/LDAP groups cannot be imported in Password Server Version 7.0.1 - 7.3.5.
  • Internet Explorer 8 is no longer supported in Password Server Version ≥ 7.0.1.
  • In Internet Explorer, The Password Server must be viewed with Compatability Mode turned off.  Some IE settings force intranet sites to be viewed in Compatability Mode; if these settings cannot be disabled, accessing the Web Client using its fully qualified domain name can get around these settings.