The new release introduces service accounts, saved filters, a mobile version of the web interface, automatic Bin cleanup, and a number of other improvements and fixes.
Service accounts
Passwork now supports a new account type — service accounts. They are designed for automation and integration with external systems via API. Unlike regular user accounts, a single service account can have multiple API tokens, each scoped to a specific integration or environment.
Why you need a service account
Previously, each integration required its own account. Ten integrations meant ten accounts to create, configure, and maintain — with separate sign-ins needed just to generate or revoke tokens.
Service accounts solve this: one account, multiple independent tokens, all managed by the administrator. Revoke a token for one integration and the rest keep running without interruption.
How to create a service account
Service accounts are created in the User management — the same place as regular accounts.
How to create an API token
Tokens are created and revoked in the settings of a specific service account.
New role permissions
Three new permissions have been added to role settings:
- Create service accounts — allows creating service accounts
- Manage API tokens — allows generating and revoking tokens
- View API tokens — allows viewing existing tokens
Saved filters
Users can now save their selected filters and reapply them instantly. Saved filters are private — only the user who created them can see and use them.
To save the current filter settings, click the + button in the filter selection menu.
Automatic Bin cleanup
Passwork can now automatically delete items from the Bin after a set period. The new settings are available in Vaults settings — enable automatic deletion and configure the retention period from 1 to 1,461 days (30 days by default).
Once the retention period expires, passwords, folders, and shortcuts are permanently deleted from the Bin.
Mobile web interface
The Passwork web interface now adapts to mobile browsers. When opened on a mobile device, it switches to the mobile layout automatically.
Improvements
- Improved links: a webpage with a one-time or expired link now automatically transitions to the "Link expired" state 30 minutes after being opened or expiring, without requiring a page refresh
- The "Sign in with passkey" button on the sign-in page is now hidden if the "Use passkey instead of password" setting is disabled for all roles
- Simplified browser extension connection: removed unnecessary steps for selecting a user and re-authenticating after signing into a web session
- Improved the display of the lock state for the Authentication settings
- Updated the default values for master password and authentication lockout policies
- Added missing tooltips for long group names in LDAP settings
- Updated the tooltip display to improve readability
- Made various UI improvements and fixes
Bug fixes
- Fixed an issue where editing non-password fields of a item removed its threat flag in the Security dashboard
- Fixed an issue where the state of the authentication restriction setting for LDAP users could be displayed incorrectly
- Fixed an issue where column order and width were not saved between sessions
- Fixed an issue where browser navigation buttons stopped working in certain settings pages
Desktop app 1.3.0
- Added support for non-standard ports in the host URL
- Improved the app update mechanism and added automatic checks for the latest version
Alex Muntyan
Alex Muntyan
Alex Muntyan
Table of contents
Table of contents
A self-hosted password manager for your business
Passwork provides an advantage of effective teamwork with corporate passwords in a totally safe environment
Learn more