Secret Server 2.1 has been released! Many of the changes are customer driven, so please look to see if your issue has been resolved. We have worked hard to take Secret Server to the highest level of security possible with an upgrade to AES 256 bit encryption and SHA-512 hashing. Below is the full list of major improvements.

•Upgraded AES encryption strength from 128 bit to 256 bit on all secrets.
•Upgraded user password hashing from SHA-1 to SHA-512.
•Symmetrically encrypted data is now salted when encrypted - this means two secrets with the same value will not have the same encrypted value.
•Fixed Secret Type active error for MS Access users.
•Added "lite" user interface when using mobile device (compatible with Windows Mobile, BlackBerry and Palm).
•Enhanced Webservices support for the IE toolbar (toolbar currently in beta testing).
•Administrators can now disable server side support for the IE toolbar.
•Secret Field Descriptions are now available when editing secrets.
•Fixed login failure count bug when re-enabling a user.
•Improved overall performance by reducing database access, including the “home” screen.
•Active Directory integration can now be configured per-user.
•All secrets require at least one person to have share/view permissions (to prevent orphaning secrets).
•Groups now appear before users in drop down lists when sharing secrets for easier navigation.
•Resolved issues with Secret Type Designer regarding edit and up/down arrows.
•The Secret Search and Import pages now display only “Active” Secret Types.
•Users can now audit other users that share the same secret.
•Notes fields now preserve text formatting.
•Researched and improved Microsoft’s OutOfMemoryException handling (which only occurs on certain machines).

AES 256 bit Encryption
"The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level. TOP SECRET information will require use of either the 192 or 256 key lengths." (http://en.wikipedia.org/wiki/Advanced_Encryption_Standard)

SHA-512 Hashing
"SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512 are the secure hash algorithms required by law for use in certain U. S. Government applications, including use within other cryptographic algorithms and protocols, for the protection of sensitive unclassified information." (http://en.wikipedia.org/wiki/SHA512#Applications)

Besides all of the security tools in 2.1, perhaps the coolest feature is the compatibility with mobile devices.  Now, if you need your AAA number because your car broke down (and you’re someone like me who always loses their wallet), you can access it through your phone.

— Dan