SafeNet MobilePASS+ for Windows
SafeNet MobilePASS+ for Windows is a Winodws client application enabling you to access corporate and web-based resources securely. It eliminates the need to remember complex passwords. SafeNet MobilePASS+ for Windows is a cost-effective way for businesses to leverage the security of One Time Passwords (OTP) using Windows. Associated with SafeNet Trusted Access (STA), the SafeNet MobilePASS+ for Windows application is a perfect combination of security and convenience. It offers a simple user experience for token activation and authentication using the push OTP mechanism.
For a list of existing issues as of the latest release, refer to Known Issues.
SafeNet MobilePASS+ for Windows v2.6.0 introduces the following features:
Trusted Platform Module (TPM) support: SafeNet MobilePASS+ for Windows now provides enhanced security for authenticators within MobilePASS+ by using Trusted Platform Module on Windows desktops.
This feature is available only in Windows machines having Trusted Platform Module (TPM) security processor enabled. This feature has been tested in Discrete Trusted Platform Module (dTPM) security processor machines.
Authenticator sorting with shared authenticators: When using shared authenticators within MobilePASS+, authenticators are now by default sorted alphabetically when users launch the app.
System Center Configuration Manager (SCCM) deployment support: SafeNet MobilePASS+ for Windows MSI now supports deployment using Microsoft System Center Configuration Manager (SCCM).
SafeNet MobilePASS+ for Windows v2.5.0 introduces the following features:
MobilePASS+ push with number matching: Number matching in MobilePASS+ secures push authentications to protect against MFA fatigue or push bombing attacks. Number matching gives control to the user for every login request, because they must select the number that appears during authentication. Refer to the documentation for details about how to enable this feature.
This feature is available only for MobilePASS+ v2.5.0 onwards.
Enhancements to Shared authenticators: Improved application performance and stability when using shared authenticators in SafeNet MobilePASS+ for Windows.
SafeNet MobilePASS+ for Windows v2.4.0 introduces the following enhancement and some bug fixes:
- Enhanced Error Logging: Enhanced logging and error codes in MobilePASS+ for better troubleshooting and investigation.
SafeNet MobilePASS+ for Windows v2.3.1 introduces the following features and resolves the issue listed below:
Standards-based accessibility support: Enhanced accessibility support provides full functionality of SafeNet MobilePASS+ via voiceover, narrator, or keyboard navigation based on WCAG standards.
Italian language support
|SASMOB-4603||The toast message displays correctly after successful approval of a push request.|
With this release, hook detection as part of the risk detection feature is fully available.
SafeNet MobilePASS+ for Windows v2.2.7 resolves the following issues:
|SASMOB-4547||SafeNet MobilePASS+ for Windows now opens correctly on Windows 10 after the Windows security patches are installed.|
|SASMOB-4242||SafeNet MobilePASS+ for Windows opens correctly after the operating system is upgraded to Windows 10 21H1.|
With this release, hook detection as part of the risk detection feature is temporarily disabled. Debug detection still works as expected.
SafeNet MobilePASS+ for Windows v2.2 introduces the following features:
Support for Windows 11
Support for Windows Servers 2019 and 2022 - Available with exe- or msi- based installations of SafeNet MobilePASS+ for Windows.
SafeNet MobilePASS+ for Windows 10 v2.1 introduces the following feature:
- Dutch language support
SafeNet MobilePASS+ for Windows 10 v2.0.2 introduces the following features and resolves the issue listed below:
Enhanced user experience - Next generation mobile authenticator offering the best-in-class user-experience and native user interface for each platform.
German, Chinese, and simplified Chinese language support
Risk Detection - Monitors and displays risk parameters associated with SafeNet MobilePASS+ for Windows 10 devices in the customer’s environment. These parameters include OS jailbreak and root status, OS versions in use, possible application tampering, and malware intrusion in order to detect potential risk to the authenticator's integrity. Refer to the documentation for further details.
Push Authentication History - Users can now access their push authentication history on SafeNet MobilePASS+ for Windows 10 under the authenticator settings.
Support for Dark Mode - SafeNet MobilePASS+ for Windows 10 now supports dark mode when it is enabled on the user’s mobile device.
Unlimited Authenticators - SafeNet MobilePASS+ for Windows 10 no longer has the limit on the number of authenticators that can be enrolled.
Support for Shared Authenticators- SafeNet MobilePASS+ for Windows 10 authenticators can be managed and accessed by multiple users in Windows 10. You control which authenticators can be accessed, and by whom, by setting permissions on the token files with windows file management.
This feature is applicable to new authenticators that are created in exe- or msi- based installations of SafeNet MobilePASS+ for Windows 10.
|SASMOB-4069||SafeNet MobilePASS+ for Windows 10 installs correctly using MSI v18.104.22.168.|
SafeNet MobilePASS+ for Windows 10 and 11 is available in Windows Store.
- Map display in Push Notification: Map display in push notification uses the Downloaded Maps Manager service. This service is enabled by default, but it might be disabled by your IT department or by the system management tool. If this service is disabled, then maps are not displayed in login requests.
To enable this service and display the map in push login requests:
From the Windows menu, open the Services app.
Under Name, find Downloaded Maps Manager, and under Startup Type, see if it's set to Automatic (Delayed Start).
If the Startup Type is not set to Automatic (Delayed Start), right-click Downloaded Maps Manager, and select Properties.
On the General tab, next to Startup Type, select Automatic (Delayed Start) and then select OK.
SafeNet MobilePASS+ for Windows v2.6 is available in Windows Store.
Installing Windows using an ISO image
When installing Windows using a downloaded ISO image, device drivers related to disk, memory, and processor may not be up-to-date. Updating these drivers may result in failures in the SafeNet MobilePASS+ application, if previously installed, and would require the user to re-enroll their authenticators.
Enterprise firewall and proxy configurations to enable push notifications
To enable push notifications when SafeNet MobilePASS+ for Windows 10 is running on a desktop under a proxy, perform the necessary changes described at:
Enabling Windows services to allow WNS traffic
To receive push notifications, ensure that the following Windows services are running on the Windows machine which is used to communicate between the device and the WNS Server:
Windows Push Notifications System Service
Windows Push Notifications User Service_XXXXXX
Network Connection Broker
Certificate required for SAS PCE
You require a valid certificate on your SAS PCE server with the following features:
matching your domain URL
For security reasons, communications with the server will be interrupted if the certificate does not comply with the security checks.
Using SafeNet MobilePASS+ and SafeNet MobilePASS
SafeNet MobilePASS+ for Windows 10 and SafeNet MobilePASS for Windows can be used on the same device. New token enrollments are for either SafeNet MobilePASS+ for Windows 10 or SafeNet MobilePASS for Windows 10. This is controlled in SafeNet Trusted Access at the virtual server level.
Enabling the shared authenticator feature
SafeNet MobilePASS+ can be used to share tokens among users in the same machine. To enable Shared Local, enable the corresponding policy.
Alternatively, create a REG_DWORD, titled AllowSharedLocalAppData, with a value of 1 under:
Push notification and risk detection features are not supported with shared authenticators.
Virtual Environments (including VDI) are supported only when the shared authenticator feature is enabled.
The shared authenticator feature is only supported in exe/msi. It is not supported in the store version of the app.
Map display in push request is not supported in Windows Server 2019 and Windows 10 version 1903 and below.
Map display in push notification may not work if Downloaded Maps Manager service is disabled.
This table provides a list of the known issues as of the latest release.
Summary: After uninstalling MobilePASS+ MSI using SCCM, the MobilePASS+ app local data files are not removed completely.
Workaround: MobilePASS+ app local data can be removed manually from the following folder:
Summary: When SafeNet MobilePASS+ for Windows 10 is removed using the exe or msi installer file, it is removed for all the users in the local machine. But, local data only is removed for the user whom is removing the app.
Workaround: To remove SafeNet MobilePASS+ for Windows 10 for all the users, manually remove the local data folder from all the users or uninstall SafeNet MobilePASS+ for Windows 10 from the app list for all the users.
Summary: Location in the map view may not be visible within a push notification when switching between multiple push notifications that maybe queued.
Workaround: To see the location in the map close the queued push notification and re-open the push notification. This issue occurs only when multiple push notifications are queued in the app.
- Windows 10 and 11 Desktop/Tablet; minimum OS version 1709
BETA releases of the operating system are not supported.
Supported authentication servers
SafeNet Trusted Access (STA)
SafeNet Trusted Access (SAS PCE) 3.12 or later