1.3.2 (November 22 2023)
    - The PasswordStrength setting now uses locally-downloaded password
      blacklists for weak or leaked passwords found on public sources.
    - Fixed ActiveDirectory password re-use check not working.
1.3.1 (June 26 2023)
    - Domain list is hidden when only one domain is configured.
      > Note that you can use the domain's allowed application setting
        to limit the domain list per application and hide the domain input.

1.3.0 (March 20 2023)
    - Added support for WebADM v2.3 (this version requires WebADM v2.3).
    - Added Require Certificate setting.
    - Fixed locked-out account unlocking.

1.2.1 (March 27 2023)
    - Added compatibility with WebADM 2.3.
    - Removed Default Backend and Allow PKI settings.
      > PKI wan now be used transparently in normal and MFA mode and will bypass
        the username input.

1.2.0 (January 19 2023)
    - Added compatibility with WebADM 2.2.
    - Removed FIDO U2F (deprecated in flavor of FIDO2).
    - Updated the application icons.
    - Expiration time for a reset request is now in hours.

1.1.7 (November 1 2022)
    - Removed default value for Minimum Password Length.
    - Policy requirements are not displayed when a custom policy message
      is configured.
    - Added automatic language switching based on LDAP user language.

1.1.6 (September 2 2022)
    - Added SQL audit log event types (requires WebADM >= 2.1.15).
    - Added Error SQL logs for all failed actions.

1.1.5 (April 22 2022)
    - Display policy check error message on password change due to backend
      password policy check constraints.
    - Fixed several issues with password policy rules display.
    - Added a setting to provide additional policy information to the users.

1.1.4 (December 5 2021)
    - Prevent username, fullname, CN or domain to be used as password.
    - Fixed broken PKI login.
    - Added support for PKI login with external certificates (ex. eIDAS).
      > Requires WebADM version >= 2.1.0.
    - Added support for FIDO2 Web login with U2F-registered FIDO devices.
    - Fixed broken FIDO2 login with Apple Safari browser.

1.1.3 (July 7 2021)
    - Create a logfile event for every user operation.

1.1.2 (March 9 2021)
    - Added FIDO2 PIN / Biometric user verification policies.
    - Removed all TiQR functionalities.
      > Your application configuration may be incorrect after upgrade if you
        enabled any TiQR setting. In this case, just edit and re-apply the
        configuration under the 'Application' menu in WebADM.

    - Added compatibility with WebADM 2.0.11.

    - Added support for OpenOTP Voice Biometrics.
    - Added compatibility with WebADM v2.0.0.
    - Added support for OpenOTP virtual attributes.
    - Added 'None' method not to send the one-time request via Mail or SMS.
    - Added support for user ActiveDirectory principal names (UPN).
      > The 'Show Domains List' setting must be disabled to use UPNs.
      > Warning: When 'Show Domains List' is disabled, the domain input is now
        removed! Users must login with domain\username to force a domain name.

    - This update is required for WebADM version >= 1.7.6.
    - Added support for Client policy -based access restrictions.
    - Added a 'Cancel' button when accessing the application via a link.
    - Fixed 'Close' buttons sometimes not closing/blanking correctly.
    - Fixed one-time access link not beeing expired after an OpenOTP login.
    - Fixed several wrong file permissions.

    - Added optional MFA requirement in the Manager method.
    - Added a configuration to require access via email links (like SelfReg).
    - Fixed other methods' list in the login pages not displayed when only one
      other method is available.

    - Added support for WebADM v1.7 (it does not work with previous versions).
    - Fixed AD account unlock not working (requires WebADM v1.6.9-2).
    - Added max password length to the password policy settings.
    - Added a setting to reject SAML requests not patching a client policy.
    - Added a setting to enable/disable the PKI login feature.
    - Added German translations.

    - Added support for FIDO2 with TPM chips (ex. Apple MacBooks).
      > This option requires OpenOTP v1.4.2.
    - Added support for password blacklist checking at haveibeenpwned.com.
      > The embedded password blacklist has been removed.
      > Requires WebADM to have Internet access (direct or via HTTP proxy).
    - Added exported framework function to be used by SelfDesk password change.
    - Fixed 'close' button not always displayed after password reset.
    - Minor cosmetic enhancements.

    - Added support for FIDO2 (CTAP and WebAuthn enrollments).
      > You need OpenOTP v1.5 with this version of Password Reset.

    - Added WAPI methods for sending password reset requests to users or groups.
    - Added a Manager method to batch-send password reset requests.
    - Removed OpenOTP and TiQR custom URL settings.
    - Added Admin pages for LDAP users and groups.

    - Fixed issues with OpenOTP/TiQR authentication when AD account is locked.
    - Added support for ActiveDirectory "user must change password" state.
    - Added ActiveDirectory Account unlocking (AD Lockout).
    - Added support for WebADM v1.6 (this version does not run on previous WebADM).
    - Added support for access restrictions based on a client policies.

    - Added multilingual support (French translation for now and more to come).
    - Added support for upcoming U2F on Firefox and Opera browsers.
      > You need OpenOTP v1.3.2 with this version of PwReset.
    - Added support for the new OpenOTP Push Login methods.
    - Device Id context uses HTTP Cookie instead of Browser fingerprint.

    - Uses the new WAPI framework from WebADM v1.5.0.
    - Added product categorization for WebADM v1.4.5.
    - Complete facelift with new design and login workflows.
    - Added brute-force attack protection with source IP address blacklisting.

    - U2F uses embedded javascript and does not require the Google Chrome extension.
    - Added a setting to force challenge and hide the OTP input in the login form.
    - Added support for WebADM user_level configurations in webadm.conf.
    - Changed default minimum password length to 6 characters.

    - This version is designed for WebADM v1.4 and is not compatible with v1.3.
    - Added dynamic password change complexity based of new password length.
    - Added support for OpenOTP v1.2 and FIDO U2F authentication.
    - Added an option to switch between Simple and Normal OpenOTP login modes.
      > The default mode is now Simple Login.
    - Added support for OpenOTP contextual authentication with trusted contexts.

    - OTP inputs do not display the OTP password (required for protecting OTP PIN).
    - Added support for TiQR 1.0.7-2 with re-designed TiQR+LDAP workflow.
    - Fixed password refused with challenged OTP.
    - User cannot set a new password equal to the previous password.
    - Passwords change respects the AD password history policy.
    - Added a PKI login mode which bypasses OTP and TiQR authentication.

    - Added an option to require the expired LDAP password validation.
    - Added configurations for min password length up to 16 characters.

    Initial Password Reset release.
    - Application authentication is done via OTP or TiQR.
    - Supports LDAP and AD Domain password reset.
    - Supports password complexity policies.