Keycloak 1.9.5.Final has just been released. There's one change worth highlighting in this release. We've increased the default password hashing intervals to 20000. Yes, you read that right. We've actually recommended using 20000 for a while now, but the default was only 1. This is a clear trade-off between performance and how secure passwords are stored. With 1 password hashing interval it takes less than 1 ms to hash a password, while with 20000 it takes tens of ms.
Monday, 9 May 2016
Thursday, 28 April 2016
We've just release 1.9.3.Final. This release has a few bug fixes, but mainly we've focused on increasing test coverage for this release.
Thursday, 14 April 2016
The team has done an awesome job this time around and we've spent the last few weeks polishing and fixing! With 141 issues resolved this release takes us one step closer to having a supported version of Keycloak. For the next release we will focus on extending our testsuite as well as improving documentation. If you haven't already upgraded to 1.9.x now is the time!
Wednesday, 9 March 2016
Thursday, 3 March 2016
We're very pleased to announce that Red Hat is working on a commercially supported version of Keycloak. At the moment we can't give any details around product name, release date or subscription model. What we can tell you is that the supported version will be based on Keycloak 1.9.x.
Rather than working on new features we're currently focusing on performance, bug fixes and general polishing. We will be releasing minor releases of 1.9.x every few weeks going forward. This means that we highly recommend you upgrade to 1.9.x now. It will get continuous fixes, including security fixes, until the commercially supported version is ready. Going forwards we'll also be very unlikely to answer questions or help with problems unless you've upgraded to 1.9.x. We'd also appreciate all the review and feedback we can get on this release. We want to make it as good as possible.