# Global MFA is enabled by default for new orgs

## `bzero v. 7.3.1`

{% hint style="info" %}
**IMPORTANT REMINDER**

For those who use Helm to install the Kubernetes `bzero` agent, you must update the Helm repository to chart version `>= 1.1.3` before doing a fresh install of the `bzero` agent. You can do this with <mark style="color:purple;">`helm repo update`</mark>.

This action updates the `bctl-agent` role to include permissions for retrieving logs from pods within the deployed namespace for the `zli send-logs` feature. **Even if you do not intend to use `send-logs`, you must be using chart version `>= 1.1.3` for any new Helm installations to be compatible with the new backend changes. We strongly recommend everyone who uses Helm takes this action.**
{% endhint %}

### Fixes

* **\[Released 8 December] Agent re-registration.** Resolved issue if `bzero` agent is attempting to register on top of an existing registration, `bzero` will prompt user to use the `-f` flag to force a new registration

## Web app & backend

### New

* **Onboarding tool.** To help aid users in onboarding targets to BastionZero, a self-serve, interactive onboarding guide is available within the web app underneath the support (?) icon in the top right corner. This tool provides guides for remote hosts, databases, Kubernetes clusters, web servers, and SSH tunnels. If you give it a try, let us know what you think!

### **Enhancements**

* **Policies without a subject.** Target connect, Kubernetes, and proxy policies can be created from the web app without any specified subjects. This enables you to mandate target access through [just-in-time](https://insiders.bastionzero.com/) access only
* **Global MFA.** *New* BastionZero organizations will have global MFA enabled by default. Users will be prompted upon first log in to set up their MFA using their chosen authenticator app. While it is not possible to disable MFA for the entire org, administrators may choose to disable, re-enable, or reset an individual user's MFA

### Fixes

* **Onboarding tool.** Resolved minor issues in the onboarding tool

For questions or to give us feedback on how we can make our updates better, reach out to [<mark style="color:purple;">product@bastionzero.com</mark>](mailto:product@bastionzero.com).