We deliver updates and improvements to Hub on a continuous basis. Here's an overview of changes that are available in Hub 2018.3.
Hub gets a fresh, new look! We've rebuilt every page using components from JetBrains' open-source library for web-based products, Ring UI.
We've built in support for two-factor authentication directly into your Hub account. Pair your Hub account with an identity verification app on your mobile device and add an extra layer of security.
To help you stay connected to third-party services that don't support two-factor authentication, we've also added support for application passwords. Use these randomly generated passwords to give an app or device permission to access your Hub account.
|Global Password Change Requests|
A new action in the Hub authentication module lets an administrator request that all users change the passwords for their Hub accounts. When you believe that a malicious user has obtained unauthorized access, use this feature to keep your installation secure.
Updates and Enhancements
|Allowed Organizations for GitHub Authentication|
A new setting for the GitHub auth module lets you restrict logins to members of specific GitHub organizations. If your Hub installation is accessible over the internet, you can let users who belong to your organization sign in with their GitHub accounts.
|LDAP Group Mappings|
You can now map groups from a directory service to groups in Hub. These configuration options are available for the Active Directory, LDAP, and Open LDAP auth modules.
|Custom Order for Favorite Dashboards|
You can now apply a custom order to your list of favorite dashboards. Place your dashboards in the desired sequence and page through them in a logical order.
|Access Interface Updates|
The redesigned Access tab gives you better insight into the roles that are assigned to users and groups in your projects. You also have direct access to all of the operations that allow you to revoke access rights on one page. The updated layout has also been applied to the Roles tabs for users and groups.
We've added a list of logins that are currently being tracked for rate limiting. This helps you quickly identify accounts that a malicious user may be using in a brute force attack.
|Access Token Timeout|
A new setting for authentication modules lets you specify the maximum lifetime for access tokens. Use this setting to limit the amount of time a malicious user can access the application.
We've changed how Hub parses values in the database for search queries. As a result, it's now possible to filter for users by email address domain. You can also find possible matches for things like usernames and permission keys when you type partial values.