2.0.14 (April 13 2021)
     - Voice Biometric authentication forces Voice request via Mobile Push.
     - Non interractive session (ie. SCP/SFTP) removes the 'LDAP' factor
       requirement when 'LDAP' or 'LDAPOTP' MFA method is configured.
     - License checks now occurs at session start request time instead of
       authorized keys requests.
     - Added a new setting for configuring Forced OTP Type with SCP sessions.
     - Added per-domain email sender with service provider licenses.
2.0.13 (April 4 2021)
     - Added Client ID chaining with OpenOTP and SMSHub Web services.
       > When SpanKey sends a MFA request to OpenOTP, the client ID is
         forwarded. You can also implement cross services client policies.
     - Added %DATE% and %SERVICE% to the message templates' variables.
2.0.12 (March 8 2021)
     - Fixed broken contextual extra factors' feature.

     - Added compatifility with WebADM 2.0.11.

     - Fixed configured backup/recovery keys not beeing returned.
     - Added a 'Forced OTP Type' setting to force aspecific OTP method when
       OpenOTP Extra login factor is required.
     - Fixed some issues with the FIDO-U2F private bundle import.
     - Added support for OpenSSH v8.2 with FIDO U2F Devices.
       > FIDO device keys can either be enrolled graphically or imported.
     - Fixed client certificates not always working with shared accounts.
     - Certificate keys are now feeded as SSH public keys.
     - Added comatibility with WebADM v1.7.10.
     - Multiple code rewrites and optimizations.
     - Added contextual authentication when extra login factors is enabled.
       > Users do not need to re-enter the LDAP/MFA password for all servers
         for a limited period as long as the connect from the same source IP.
     - Added MaxUID and MaxGID setting for NSS account filtering.
     - Added support for SSH access with WebADM client certificates.
     - Optimizations to the tagging subsystem.
     - This update is required for WebADM version >= 1.7.6.
     - Fixed Sudo Commands not working when configured on both user/group and
       client policies.
     - Improved SSH generation time.
     - Highly improved ECC key support.
     - Allow existing key import for all supported key types.
     - Prevent import for key not matching the key lenght in self-services.
     - Added password change retries count (to be used in upcoming SpanKey agent).
     - Re-scoped some application settings.
       > If you configured blocking policies or geo-fencing on a user or group,
         please configure it in the application or client policy.
     - Added client server hostname in the SQL logs.
     - Added final support for Auditd dynamic rules.
     - Added support for variables in the welcome message.
     - Added support for WebADM cluster-level caching API.
     - Added support for external public key registration via self-services.
       > A new Manager method allows registration with external keys too.
     - Added support for sudo commands and privilege elevations in WebADM.
       > Sudo can be configured in client policies, users and groups.
       > The sudo feature will be available in SpanKey Client v2.1.2.
     - Added an options to limit the max usage count for a SSH public key.
       > Automatic re-enrolment email link via SelfReg is supported.
     - Added login statistics (login count, success and failures) to the
       SpanKey user data.
     - Fixed broken key export in PPK format (Putty).
     - Fixed key register with the Manager API when no key size is provided.
     - Added login shell per host via a Client policy configuration.
     - Added schedulable reporting utility in 'bin/report' with CSV output.
     - Added Auditd rule configuration for terminal and SCP sessions.
       > This feature will be available with SpanKey client v2.0.3.
     - Added support for WebADM v1.7 (it does not work with previous versions).
     - Fixed issues with ECC key management.
     - Fixed search base when the group search base is defined on the domain.
     - Added support for accounts with local authorized keys files.
       > Accounts list can be adjusted per client policy.
       > Authorized keys files can be configured on the server.
       > Authorized keys files can also be set per user and per group too.
     - Added NSS caching optimization under very high load.
     - Added support for records with Auditd event logs.
     - More and better SQL logs.
     - Added OTP challenge response support with the optional MFA login.
       > OTP retries are also supported.
     - Added LDAP and LDAPOTP options for MFA login.
     - Added a terminal session unlock feature.
     - Removed trust domain support (dropped in the upcoming WebADM 1.7.0).
     - Added LDAP password change feature via SpanKey PAM module.
     - Shared account login shows the real user identity in the audit log.
     - Unlock retries are limited to 3 LDAP password attempts.
     - Added support for MinUID and MinGID policy settings.
     - Added record session's data size limitation.
     - Added support for expired password reset links via email and SMS.
     - Added optional MFA login (only SimplePush is supported with the current
       SpanKey Client).
     - Added user notifications when password or SSH key expired.
     - Multiple code and performance enhancements.
     - Brand new version with compatibility break with SpanKey v1 branch.
     - Added session recording capabilities (WebADM 1.6 Record feature).
     - Added support for SpanKey client agent v2.0 for Linux.
     - New NSS integration.
     - Much faster response time.
     - Added support for SSH session lock screen.
     - Added support for offline SSH access.
     - Added the possiblity to import an existing RSA SSH public key.
       > Available under the admin portal actions only.
     - Added localized messages API compliance with WebADM v1.5.10.
     - Fixed an issue with NSS users missing login shell.

     - Added error IDs to the error reponses.
     - Added support for WebADM service protocol API version checking.
     - Fixed a NSS issue when no Posix user or no Posix group exists.
     - Added an option to download both the PEM and PPK SpanKey private
       keys bundled in a ZIP file.
     - Added the %GROUPS% variable to the Authe Success URL setting.
     - Added session monitoring with session start and stop audit.

     - Added the SpanKey NSS methods.
       > SpanKey is now a NSS provider for Posix users and groups.
       > Integrated Linux systems do not need NSS-LDAP anymore.
       > Note that SpanKey NSS functionalities requires SpanKey client
         v1.0.1 which will be release soon.
     - The authorized keys API does not append the username to the keys.
     - Many optimizations.

     Initial SpanKey release.