Workforce Password Management Release Notes

Release 23.12 (available December 1, 2023) introduces the following changes.

See CyberArk Identity Release Notes - Previous Versions for changes in previous releases.


We made the following updates to the release notes after the release, based on new information.

Change Date

Added New events track activity for Secured Items


Related services

Secure Web Sessions

See What's New for update notes specific to SWS.

Identity Compliance

See CyberArk Identity Compliance release notes for update notes specific to Identity Compliance.

Identity Flows

See What's new for update notes specific to Identity Flows.

What's new

The following new features are now available.

WPM new features
Feature Description

Insights for compromised passwords

The user can view the applications and secured items that contain compromised passwords. The User Portal and IBE alert users by displaying a red icon on the app/secure item tile or the folder when a compromised password is detected and prompts the user to change the password. Admin can set policies to control if users can launch or share applications, folders, or Secured Items that have compromised passwords. Admin can also block users from saving compromised passwords.

For details, see Secure passwords for Workforce Password Management

Improvements and behavior changes

This release includes the following product improvements.

Improvements for WPM
Improvement Description

New events track activity for Secured Items

A new event has been added to audit Secured Items add, view, edit and delete actions. New events have also been added to track sharing changes of Secured Items, changes to credentials in a Secured Item, and adding Secure Items by importing.

For details, see Build reports for Workforce Password Management.

Early access features

Early access features are made available on a case-by-case basis by request. Early access features might see more frequent updates compared to GA features.

Contact your account representative to enable early access features.

The following tables describe features that are currently in an early access state.

WPM early access features



Initial release version

Import credentials directly from LastPass

Users can import credentials directly from LastPass to CyberArk Identity without using a .csv file. Direct import is more secure than other methods because users don’t have to save the exported data and credentials on their devices. After a successful import, users can access their applications and Secured Items in the CyberArk IdentityUser Portal.

See Import accounts for more information.


The CyberArk Identity mobile app supports TOTP

The CyberArk Identity mobile app supports TOTP for two-factor authentication to access applications. A TOTP is a time-based one-time password. To set up TOTP, see Enable time-based one-time passwords (TOTP) for two-factor authentication. For end user instructions, see Use time-based passwords (TOTPs) for sites with two-factor authentication.


Component versions

The following table lists the latest component versions.

Component versions



CyberArk Identity


Android CyberArk Identity mobile app


iOS CyberArk Identity mobile app


Windows CyberArk Authenticator


Mac CyberArk Authenticator


Browser Extension - Chrome


Browser Extension - Edge Chromium


Browser Extension - Firefox


Known issues

Known issues for WPM



If an application is shared to a user, role, or group of users, and then again shared to the same user, role, or group through a folder, the folder permissions are given precedence.

For example, suppose an application is shared to a role or group with edit permissions and shared to the same user, role, or group through a folder with view permissions. View permission is given precedence.

There is currently no workaround.

In the Identity Browser Extension, when a user tries to copy the password for an admin-added application and MFA is enabled, the user gets the message Password UnKnown instead of the correct message Open the User Portal to view the password for this MFA-enabled application.

Instruct the user to open the User Portal to view the password for the application.

In the User Portal (new user interface), the functionality to sort items according to what has been recently added or frequently used is not working as expected.


System requirements

See System requirements and supported browsers for more information about browser and device support.