The following security enhancements have been added

• Ability to remember 2FA/MFA devices for 30 days
• 2FA/MFA methods supported now also include: Security keys, SMS and built in authenticators (i.e. fingerprint, face recognition) as well as auth apps
• Password repeat protection
• Exposed credential detection - email notification/error message
• Password strength meter
• Passwordless expiration time changed to 20 min
• Force Relogin changed to 90 days
• Maximum Concurrent Sessions 10
• Idle Session Timeout changed to 1 day
• 2FA/MFA custom name defaults to Streamkap