Version 4.21.0

  • New version of SAB Launcher – fixed problem with premature closing of RDP connection; the size of the RDP window can now be changed dynamically; when creating a record, it is now possible to use a pattern from the Safe Box to generate a password; it is no longer necessary to reauthenticate when switching between different networks
  • New version of SAB Importer
  • New version of SAB Manager plugin for Total Commander

Version 4.20.0

  • Change the behavior of records when the access code is cached. The password is not displayed until the button is pressed
  • A list of registered stations is now available also in the mobile version
  • Fixed issue with password retrieval for default user in mobile version
  • Minor bug fixes

Version 4.19.0

  • Added SecureAnyBox – MITM attacks detection plugin for Firefox Browser (Protects you against MITM attacks)
  • Improved password retrieval in the mobile web interface – added option to pick up passwords for default domain users accounts
  • Fixed problem with the duplicate display of information after entering access code in the mobile web interface
  • Improved password retrieval for default domain users accounts
  • New version of SAB Importer – now supports bulk deletion of records based on a saved Import stamps
  • Minor bug fixes

Version 4.18.3

  • Fixed an issue with displaying password entropy when creating a new record using the SAB Launcher

Version 4.18.2

  • Implemented better cookie protections against CSRF and JavaScript access
  • Improved second factor cookie security
  • Changed some REST API requests to not use GET as a measure against possible reverse proxy request URL logging
  • Minor bug fixes

Version 4.18.1

  • New version of SAB Importer
  • Added new version of api description 1.1.15
  • Minor bug fixes

Version 4.18.0

  • Minor bug fixes

Version 4.18.0 Beta 1

  • The user can set the start page to which he will be redirected after each login
  • New licensed feature – LANCOM utility

Version 4.17.4 Beta 4

  • Possibility of the custom setting of import or composition of the user’s display name (and short display name)
  • Customizable column of record in Safe Boxes
  • New version of SAB Importer – significantly improved import from KeePass
  • Minor bug fixes

Version 4.17.3

  • Added the possibility of copying a record to another type of record
  • Added new version of api description 1.1.14
  • Fixed minor issues in the mobile version
  • New version of SAB CBT trial client
  • Minor bug fixes

Version 4.17.2

  • New .deb package agent for Linux (fixed unsupported dependencies on Debian 9 and 10)
  • New version of SAB Launcher – updated SAB Launcher minimum .NET framework version to 4.6.1 (to enable support for TLS 1.2 by default); SAB Launcher now supports creating records in White Envelope
  • New version of SAB Importer
  • New version of SAB Manager plugin for Total Commander
  • New version of SAB Manager plugin for FAR
  • New version of SAB CBT trial client
  • Added note about URL encoding requirement to access code header in the API documentation
  • Minor bug fixes

Version 4.17.1

  • Fixed redirection after login
  • Improved copying from notes
  • New version of SAB Launcher – added option “Open in SecureAnyBox web client”
  • Minor bug fixes

Version 4.17.0

  • Improved and more customizable system of notifications about accesses and/or changes in accounts
  • SAB browser extensions for Firefox and Chrome (and Chromium based browsers) for simplifying logging in to accounts on websites using accounts stored in SecureAnyBox
  • New version of SAB Launcher – support for web extensions, localization (de, cz)
  • New version of SAB Importer
  • New version of SAB Manager plugin for Total Commander
  • Minor bug fixes

Version 4.16.1

  • Improved notes formating in SafeBox records
  • Increase the width of the audit log table
  • Minor bug fixes

Version 4.16.0

  • Enabled option to audit log archiving (manually or automatically)
  • Improved LDAP connector – Added option to mapping mail attribute
  • Improved displaying of audit log
  • New version of SAB Importer utility
  • Added trial version of CBT client
  • Minor bug fixes

Version 4.15.0

  • Improved user invitation system (It is now possible to generate an invitation link)
  • Improved User management – added action menu
  • Added login password policy option
  • Minimum entropy can be set in the access code and login password policy
  • New version of SAB Launcher
  • Fixed the possibility to modify the width of columns in some tables
  • Minor improvements and bug fixes

Version 4.14.0

  • Added option to filter and unban banned users
  • Added new “Permission Templates” report
  • Added option to restore deleted records in bulk
  • Fixed displaying a password in a ticket if it contains some special characters / tags
  • Minor bug fixes

Version 4.12.0

  • Added option to pin selected Safe Box / Safe Box group to the top of the list
  • Added option to control access to agent configuration using user tags
  • New SAB Launcher version – supports Rasdial (VPN) and MikroTik Winbox
  • UI improvements
  • Minor bug fixes

Version 4.11.2

  • Added User help tours
  • Added Copying of records field values to the clipboard
  • Implemented Content Security Policy (CSP)
  • Updated javascript libraries
  • Minor bug fixes

Version 4.11.1

  • Fixed missing labels

Version 4.11.0

  • Improved password audit report
  • Minor bugfixes

Version 4.11.0 Beta 1

  • Fixed two-factor authentication in Internet Explorer 11
  • Minor bugfixes

Version 4.11.0 Beta

  • Added two-factor authentication
  • Added session timeout
  • Added option to filter user by user tags
  • White envelopes page now also shows the white envelope of the logged-in security officer
  • LDAP Viewer now shows LDAP groups
  • Minor bugfixes

Version 4.10.4

  • Fixed Safebox domain assignment when Safe Box was created or moved into Safe Box Group in another domain
  • Added ‘Apply Templates’ permission to user form in Users (editing user no longer removes Apply Template permission from root permissions)
  • Changed initial domain user permissions to full
  • Improved permission assignment logging

Version 4.10.3

  • Allowed deleting records in shared private safe boxes
  • Fixed an issue in user tag assignment when removing existing tag could remove tags assigned to other users
  • Fixed an issue in user tag assignment that prevented manually assigning user tag that was already synchronized
  • Minor improvements in API
  • Improved documentation

Version 4.10.2

  • A new version of import utility (SAB Importer)
  • Fixed audit log (set access code/changed access code logging)
  • Added option to disable access code caching on domain level
  • Added option to limit the number of initialized users at the domain level
  • Minor improvement in UI
  • Minor bugfixes

Version 4.10.1

  • Fixed validation if User group FDN in Group to User tag mapping contains spaces
  • Fixed issue with overflowing labels in User form in some language mutations

Version 4.10.0

  • Added Convert applied permissions to inherited action – converts all explicit permissions that are lower or equal to inherited permissions from parent container to inherited permissions
  • Added Applied user tags tooltip and user tag icon to permissions with possible applied user tags
  • Added domain name to user name on Applying Permission Templates page
  • Added SAB Manager plugin for Far manager
  • New versions of import tools
  • Fixed sorting order in Sharing & Permissions (was sorted by username, not by full name), same issue in Add User(s)
  • Fixed ‘Set permissions for selected & Remove permissions for selected’ actions in Sharing & Permissions (actions sometimes remained visible even when no user was selected)
  • Fixed no data message in Applying Permission Templates to text explaining why there are no permissions to apply
  • Fixed missing parent safebox group in Applying Permission Templates page (when user had no T or A permissions to the group)
  • Fixed permission changes when moving users to another domain using LDAP sync (was not removing permissions correctly)
  • Minor bugfixes

Version 4.10.0 Beta

  • added User Tags and Permission Templates for automated Permission assignment
  • added KeyShield SSO API certificate to backup
  • changed backup to not replace existing backup file (from same day)
  • authenticated user can now change its own permission (except removing Read and Access Control)
  • audit log now contains full Safe Box path
  • added ability to search in deleted and historic passwords in Search for password report
  • Minor bugfixes

Version 4.9.0

  • Added option to bulk edit permissions for Safe Boxes/Safe Box Groups
  • Minor bugfixes

Version 4.9 Beta

  • Improved settings and management of white envelopes
  • Added Server Status page with information, warnings and detected problems
  • System / Domain User manager
  • Improved filtering of users when assigning rights (filtered by surname, first name, and domain)
  • Changed sorting of usernames to Surname, Name
  • Fixed a problem with a remembered password in the mobile version after changing the password
  • Fixed problem with getting passwords to stations in some localizations
  • Minor bugfixes

Version 4.8.2

  • E-mail notification now report also created and decrypted records
  • It is possible to limit the maximum file upload size globally and per domain
  • From the Password audit report, you can show a list of entries with a duplicate password
  • Fixed caching invalid accesscode in certain circumstancies
  • Fixed issue with login from latest IE 11 browser (wrong accept header)
  • Added reference to the documentation to the main menu
  • Minor bugfixes

Version 4.8.1

  • Fixed problem with the file/cert download if access code contains special characters
  • Improved cross domain account moving
  • Improved German translation
  • Minor bugfixes

Version 4.8.0

  • Updated cryptographic algorithms
  • Updated cryptographic libraries
  • Changed user password protection algorithm to bcrypt
  • Performance improvements
  • Improved passwords audit report
  • Improved audit log
  • New agent for Windows
  • New versions of import tools
  • New version of SAB Monitor
  • Fixed tickets permissions
  • Other minor improvements
  • Minor bugfixes


  • SAB audit log can be filtered by agent configuration and/or type of activity
  • Enhanced tickets audit logging
  • Added new type of KeyShield SSO Authentication – Certificate Authentication through KeyShield SSO Client API
  • Added new version of KeePassToSAB import tool
  • Minor bugfixes

Version 4.7.1

  • Added option for disabling tickets
  • Tickets can be optionally accessible only from defined subnets
  • Agent configuration page is now divided into tabs
  • Fixed issue with automatic deletion of invalid tickets
  • Fixed filtering in audit log
  • Minor bugfixes

Version 4.7.0

  • Internal release

Version 4.6.2

        • Added option for disable offering previously entered tags
        • Added predefined quick filter for showing initiated users only
        • Minor bugfixes

Version 4.6.1

        • Added paged size settings for LDAP Connectors
        • Minor bugfixes

Version 4.6.0

        • Added user interface for built-in backup configuration
        • Added new versions of import tools
        • Minor bugfixes

Version 4.5.1

        • Access code is now cached also in the mobile version (if configured)
        • You can see a list of authorized security officers on the white envelope page
        • Improved permission report (information about the white envelope)
        • Added new versions of import tools
        • Minor bugfixes

Version 4.5.0

        • System / Domain Auditor
        • New User is default set as Safe Box user
        • Security Officer has also Safe Box user rights
        • Security Officers can cooperatively delete White Envelopes and records in White Envelopes
        • Improved validation of domain names (forbidden characters – tab, invisible chars, etc.)
        • White Envelope information page (when White Envelope is not activated)
        • Showing also deleted records in reports “Access to Records” and “Access to Safebox”
        • Checkbox “Redirect to https” is now visible even if Http mode is enabled
        • Patched JSON parser
        • New agent for Windows
        • New agents for Linux (rpm, deb, raspbian)
        • Minor bugfixes

Version 4.4.0

        • Added new user role – Auditor
        • Added new user role – Safe Boxes User
        • Search now supports wildcard * as the first character
        • New agent for Windows
        • New SAB Launcher version – supports RD connection through an RD Gateway server
        • Minor bugfixes

Version 4.3.7

        • Fixed database backup task resource leak (‘Too many open files…’ error)
        • Fixed wrong expiration date in invitation mail
        • Fixed audit log – A record of deleting a registered station

Version 4.3.6

        • Fixed wrong view of day names in date picker
        • Improved system messages

Version 4.3.6 RC2

        • Improved re-sharing mechanism for inherited keys
        • Fixed issue with ACL deletion

Version 4.3.6 RC

        • New SAB Launcher version – improved fullscreen support for RDP
        • New agent for Windows
        • Fixed and improved ACL management
        • Improved audit log
        • Fixed Password audit report
        • Fixed problem with editing the entry if the user who created it was deleted
        • Fixed bookmarks in reports
        • Fixed search with the dot contained in the search query
        • Fixed Permissions report for situations where a user has permission to a deleted domain
        • Minor bugfixes

Version 4.3.5

        • New agent for Windows
        • New agent for macOS
        • Improved agent configuration management
        • Fixed access control validation to agent configuration
        • Minor bugfixes

Version 4.3.4

        • Added new report – Permissions (user permissions to safeboxes)
        • Added user search by GUID
        • Fixed validation when multiple agent configurations are assigned to the domain
        • Minor bugfixes

Version 4.3.3

        • Fixed issue with validation that allowed to delete domain with users
        • Fixed configuration revert if the server failed to start
        • Fixed index for users and domain tables
        • Minor bugfixes

Version 4.3.2

        • Internal release

Version 4.3.1

        • New embedded version of JRE 1.8.0_141
        • Fixed user filtering error in SAB agent configuration
        • Fixed feature “Remember the last location” which did not work properly on some occurrences
        • Fixed an error that occurred after deleting and re-adding the user
        • CSV importer utility now support (import) tags
        • Improved user documentation

Version 4.3 RC3

        • Audit log can be now sent to SYSLOG/SIEM separately
        • Fixed the problem with changing the safebox/safeboxgroup from private to shared and back to private

Version 4.3 RC2

        • Added new agent configuration option – Online configuration
        • New agent for Windows – agent support online configuration
        • Fixed sync from LDAP that stopped working after deleting the synchronized user
        • Added an independent registration interface for agent registration
        • Added option to set hostnames for web interfaces
        • Added new user role – SecureAnyBox User
        • Access to agent configuration can be restricted to selected users and/or domains
        • Added option to send a message to selected users
        • UI improvements
        • minor bugfixes

Version 4.2.1

        • Added new report – Access to SafeBox
        • Added an option to set email alerts only to selected safeboxes
        • Fixed SAB Launcher if it’s connecting ssh (PuTTY) to a different port than the default (22)
        • SAB Launcher now detects the required version of .NET framework during installation
        • Fixed an issue that could, under certain circumstances, caused the upgrade from older version failed
        • Fixed the assignment of the default agent configuration to the domain
        • Fixed deletion of users
        • minor bugfixes

Version 4.2

        • Improved reports
        • Fixed SAB Launcher when it’s used by multiple users at the same workstation
        • SAB Launcher now supports secured RDP connection
        • Fixed Windows installation wizard option “Run SecureAnyBox”
        • minor bugfixes

Version 4.2 beta 1

        • Added reports
        • Added the ability to run RDP, PuTTy, or WinSCP directly from the records using the stored connection informations and passwords
        • Non LDAP Users can be moved between domains
        • Sharing may be disabled at the domain level
        • Fixed wrong redirection after entering a configuration password
        • Fixed a port change problem in the LDAP agent configuration
        • The trial period was shortened from 45 to 21 days
        • minor bugfixes

Version 4.1.3

        • New agent for Windows – agent support Windows auto log on with domain users
        • Added automatic hiding of protected fields
        • Each configuration can have its own registration address
        • Registered station displays the default user name (if its set)
        • Fixed validation when creating the eDirectory object for LDAP connector
        • Improved installation on Linux
        • minor bugfixes

Version 4.1.2

        • New public API specification has been added
        • Import tools for import from KeePass and CSV are available for download directly from the application
        • Bulk removal of Registered Stations
        • Added sorting in the Registered Stations table
        • Fixed automatic deletion of old backups
        • minor bugfixes

Version 4.1.1

        • Fixed a bug causing safe box page to load very slowly in some circumstances – removed uneccessary SQL queries

Version 4.1

        • Fixed filtering inside safe boxes
        • Fixed wrong download link for SAB agent for Windows
        • minor bugfixes

Version 4.1 RC5

        • Fixed inability to repeat creating accounts in certain circumstances
        • Fixed positioning of tooltips

Version 4.1 RC4

        • Fixed improperly granted permissions during the upgrade
        • Fixed LDAP viewer
        • minor bugfixes

Version 4.1 RC1

        • Fixed inability to change entries saved in “white envelope” safeboxes
        • minor bugfixes

Version 4.1 beta 4

        • New redesigned and more granular user permissions
        • bugfixes

Version 4.0.3

        • added “Redirect to HTTPS” option when http mode is disabled
        • minor bugfixes

Version 4.0.2

        • signed msi installer for Windows agent
        • added button “Copy to clipboard” for password pickup

Version 4.0.1

        • Improved user management – Added predefined quick filters
        • minor bugfixes

Version 4.0

        • Fixed wrong audit log labels
        • Fixed upgrade from older SecureWinBox versions to SecureAnyBox on Windows
        • Improved Linux install script
        • minor bugfixes

Version 4.0 beta

        • Added “White Envelope safebox” function. This kind of safe box can be opened by a group (min 2) of predefined security officers. Opening is fully audited and the owner of the safebox is notified by e-mail message
        • KeyShield SSO integration can be configured so that it requires the use of two-factor authentication
        • Fixed a problem in the mobile client, which caused some users could not get passwords for workstations
        • minor bugfixes

Version 3.1.2

        • Fixed https keystore file upload

Version 3.1.1

        • Added option to send email notifications about changes in the records
        • minor bugfixes

Version 3.1

        • Fixed critical bug in Windows agent – under certain circumstances could be set wrong password
        • Fixed wrong displayed pages in Internet Explorer 11
        • Windows agent support Windows auto log on
        • minor bugfixes

Version 3.1 beta1

        • SecureWinBox was renamed to SecureAnyBox
        • new agent version for Windows (reports timezone of station)
        • new agent version for Mac OS X (reports timezone of station)
        • new agent version for Linux (reports timezone of station)
        • minor bugfixes

Version 3.0.3

        • During upgrade is default agent configuration allowed in system domain

Version 3.0.2

        • fixed problem with tickets – under certain circumstances, they could return the wrong password
        • tickets improved – ticket now can be issued for specific platform, workstation and/or user
        • fixed problem with JCE policy being overwriten during update of private JRE
        • new agent version for Windows
        • other minor fixes

Version 3.0.1

        • added agent for Mac OS X
        • fixed mobile web interface issues
        • other minor fixes

Version 3.0

        • agent configuration moved to SecureAnyBox section
        • multiple agent configurations allowed
        • new agent version for Windows
        • added agent for Linux
        • improved KeyShield SSO integration
        • websocket notifications now supports SSL
        • fixed certificate download from https keystore
        • improved audit log
        • other minor fixes

Version 2.9.3

        • Fixed – https keystore move to correct subdirectory during upgrade

Version 2.9.2

        • Added info message after copying password to clipboard
        • Updated SecureAnyBox Agent version to 1.4

Version 2.9.1

        • minor fixes

Version 2.9.1 beta1

        • added Remember last location option (user or user and workstation)
        • added Login/logout polling for automatic Login/Logout by KeyShield SSO Server notifications
        • improved secure account ui
        • account password can be copy by click on password area

Version 2.9.0 beta1

        • Consolidations (form validations, transactions, user rights and autorizations)
        • added self-signed certificate generation for HTTPS
        • improved login mechanism
        • added optional access code caching on records level
        • added warning when Unlimited Strength Jurisdiction Policy Files are not installed in Java runtime (must be installed manually)

Version 2.8.4

        • fixed critical bug – database corruption when moving File or Certificate record

Version 2.8.3

        • improved AD LDAP functionality
        • fixed list selection issues (users,sharing
        • updated H2 database engine to fix startup locking issue
        • other minor fixes

Version 2.8.2

        • fixed mobile login problem
        • completed German translation

Version 2.8.1

        • fixed issue with file download not working when appPath was set
        • ignore users without access code when sharing safebox and selecting all visible users
        • removing deleted items now removes only visible items (to which user has rights)
        • login page redesign (field labels,disaclaimer message)
        • other minor fixes

Version 2.8.0

        • added personalised links to login page to domain and user edit forms
        • fixed issue with old license files which don’t contain domain count
        • fixed issue with unlimited user licenses
        • Windows installer now offers previous installation directory during SecureAnyBox update
        • improved diagnostic messages in Configuration Summary and About page

Version 2.8.0 beta 2

        • users with SecureAnyBox admin role are now granted SecureAnyBox admin, User manager and Configuration Admin roles after database upgrade
        • improved connector synchronization log
        • added choice to view All Domains at once in user management
        • allow sorting on additiona columns in user management
        • minor fixes

Version 2.8.0 beta

        • added user domains
        • added new record types (Certificate, File, Credit Card, Secret Account)
        • added user roles (configuration admin, secureanybox admin, safe box admin, user manager)
        • deleted safebox items are filtered by user access rights – safebox admin can undelete any record
        • improved mobile client authentication (KeyShield SSO integration) and functions
        • mobile client respects user language setting
        • user management improvements (language setting for individual users, better user form)
        • improved password structure display + policy requirements indication when setting access code
        • improved LDAP user synchronization (e.g. better user id conflict and error handling)
        • added LDAP search filter expression to LDAP Connector configuration – to properly filter user objects on different LDAP types and allow custom filter expression
        • added LDAP synchronization log page – manual synchronization, separate log file for synchronization of each connector
        • preventing user login before admin sets access code
        • fixed issue when attempting to move Safe Box to root level
        • UI improvements and fixes
        • audit log moved to corresponding section (separate for SecureAnyBox and Safe Boxes)
        • added login disclaimer

Version 2.7.2

        • fixed safebox key encryption padding issue

Version 2.7.1

        • fixed sizelimit LDAP synchronization problem
        • fixed LDAP viewer problem occuring when conenctor search base contained trailing
        • whitespace
        • other minor fixes

Version 2.7.0

        • changed database engine to H2 – update SecureAnyBox to version 2.6.1 before installing 2.7.0, otherwise database upgrade will fail
        • default admin account is now built-in – you will be asked to set admin password before first login
        • licensing changes – 45 days demo (full enterprise functionality) without license, user licenses are consumed by users with access code initialized
        • new license format – you need to ask for new license
        • support for multiple LDAP connectors for user synchronization
        • removed dependency on LDAP groups for user role management
        • user management/authentication is now possbile even without LDAP configuration – users are authenticated against database first
        • access code initialization is now mandatory before it’s possible to share passwords with user
        • added log viewer and logging settings
        • added LDAP viewer
        • added Syslog remote logging support
        • improved audit log view
        • improved configuration UI
        • minor improvments on all pages
        • new application logo
        • various bug fixes

Version 2.6.1

        • fixed KeyShield SSO integration
        • fixed problem with disabling HTTP server

Version 2.6.0

        • added optional Access Key caching
        • added French and German localization
        • UI improvements

Version 2.5.5

        • updated configuration interface
        • improved eDirectory installation – allow custom password to resolve potential NMAS policy issuses
        • added password strength meter
        • added log viewer
        • improved logging – cleanup, configuration change logging
        • fixed critical bug in user management – possible key loss when editing user records

Version 2.5.4

        • improved filtering of safe boxes with accents in their name
        • fixed removal of deleted safes with assigned ACLs
        • fixed undelete for hierarchies of safe box group > safe box > accounts
        • fixed alphabetical sorting of users during ACL assignment
        • fixed password pattern format description (missing escape character)
        • added missing localizationb messages

Version 2.5.2

        • new Linux installation and init.d script (LSB compliant) tested on SuSE, CentOS, Ubuntu Server, Fedora, RedHat
        • added path to JVM bin directory to system service startup on Windows
        • fixed ticket sharing when password target is set to user group (added username input field)

Version 2.5.0

        • Safe Box sharing access control using ACL
        • QR code ticket sharing
        • improved authentication configuration
        • improved user management
        • improved mobile interface
        • various bug fixes

Version 2.0.1 IR

        • Fixed system service startup during installation on some Windows machines.

Version 2.0.1

        • password safe search – improved search result display (safe box name in account results)
        • password safe browsing – improved sorting
        • password safe browsing – private safe boxes on top
        • password safe – initial input focus on search / filter fields
        • KeyShield SSO – trusted proxy list (for configuring SSO when SecureAnyBox is behind proxy/Apache)
        • mobile interface (password safe only)
        • various layout/display fixes
        • wrong redirect when accessing root URL after base URL is set in configuration

Version 2.0

        • completely new application and UI rewritten from scratch
        • Enterprise Edition with Password Safe

Version 1.50

      • Added password request tickets for obtaining station passwords from scripts, etc.

4.20.0 (3/12/2020) – changelog | checksums

Server: Windows | Linux Installation on Linux guide

4.19.0 (11/11/2020) – changelog | checksums

Server: Windows | Linux Installation on Linux guide

4.18.3 (29/9/2020) – changelog | checksums

Server: Windows | Linux Installation on Linux guide

4.17.3 (14/5/2020) – changelog | checksums

Server: Windows | Linux Installation on Linux guide


2.6.1 changelog | checksums

Server: Windows | Linux