Dec misc (#828)

* X509 - always required

* Update branch w/ master (#827)

* KC (#805)

* initial draft

* codeblock e.g.'s

* initial draft of f4e end-user doc

* first round of feedback

* feedback round 2

* feedback round 3

* update screenshots

* safari/macos import guide sketch

* adios, friendly name

* cli note

* fix typo

* finish import from macos/safari

* feedback round 4

* more feedback

* updated diagrams

* fix typo

* linked custom fields & more release note items

* new auto-fill unlock behavior for context menu & keyboard!

* release notes - autofill unlock

* new events

* fixes to 'using sso'

* updated KC screenshot & test step

* KC URL

* send extension & release notes

* hide ios extension

* updates to sso faqs

* SEO desc's & tags

* Key Connector > Impact on Unlock > Add a note for online dependency

* clarify "account is lost"

* add some references to CME

* final edits

* f4e

* quick edit to RN

* Release Notes Addition (#818)

* rn addition

* fix

* adds missing referrer to links (#770)

* typo fix for "commmand" (#819)

* KC Instruction Fix (#822)

* fixes per jcooks

* typo fix

* ngpsql (#823)

* Update deploy-key-connector.md (#824)

* update diagrams (#826)

Co-authored-by: Dragonashes <67827768+Dragonashes@users.noreply.github.com>
Co-authored-by: tangowithfoxtrot <5676771+tangowithfoxtrot@users.noreply.github.com>

* release notes versions

* Windows Hello 2FA note

* F4E FAQs

Co-authored-by: Dragonashes <67827768+Dragonashes@users.noreply.github.com>
Co-authored-by: tangowithfoxtrot <5676771+tangowithfoxtrot@users.noreply.github.com>

_articles/getting-started/releasenotes.md

@@ -48,6 +48,8 @@ Or subscribe to the [Bitwarden Status RSS Feed](https://status.bitwarden.com/){:
 
 ## 2021-12-07
 
+*Server 1.45.0, Web 2.25.0, Desktop 1.30.0, Browser Extension 1.55.0, Mobile 2.15.0, CLI 1.20.0*
+
 Bitwarden is proud to announce new enterprise features in the December release that add flexibility and value to the enterprise plans:
 
 - **Key Connector**: (*Only available to customers self-hosting Bitwarden*) When using Login with SSO with customer-managed encryption, the self-hosted Key Connector application serves cryptographic keys to Bitwarden clients as an alternative to requiring a Master Password for Vault decryption (see [here]({{site.baseurl}}/article/about-key-connector)).
@@ -61,6 +63,8 @@ Bitwarden is proud to announce new enterprise features in the December release t
 
 ## 2021-10-26
 
+*Server 1.44.0, Web 2.24.0, Desktop 1.29.0, Browser Extension 1.54.0, Mobile 2.14.0, CLI 1.19.0*
+
 The Bitwarden team is pleased to release a set of features and updates continuing our mission of making password management easy and accessible for individuals and businesses:
 
 {% callout info %}
@@ -80,6 +84,8 @@ The Bitwarden team is pleased to release a set of features and updates continuin
 
 ## 2021-09-21
 
+*Server 1.43.0, Web 2.23.0, Desktop 1.28.3, Browser Extension 1.53.0, Mobile 2.13.0, CLI 1.18.1*
+
 The latest release of Bitwarden focuses on often requested improvements to existing functionality:
 
 - **FIDO2 WebAuthn on Mobile**: Two-step Login via FIDO2 WebAuthn is now supported on iOS and Android (see [here]({{site.baseurl}}/article/setup-two-step-login-fido/) for details).

_articles/login-with-sso/configure-sso-saml.md

@@ -91,7 +91,7 @@ The Single Sign-On screen separates configuration into two sections:
 |Single Sign On Service URL|(*Required if Entity ID is not a URL*) SSO URL issued by your IdP.|
 |Single Log Out Service URL|Login with SSO currently **does not** support SLO. This option is planned for future use, however we strongly recommend pre-configuring this field.|
 |Artifact Resolution Service URL|(*Required if Binding Type is Artifact*) URL used for the Artifact Resolution Protocol.|
-|X509 Public Certificate|(*Required unless Signing Behavior is Never*) The X.509 Base-64 encoded certificate body. Do not include the `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----` lines or portions of the CER/PEM formatted certificate.<br><br>Extra spaces, carriage returns, and other extraneous characters inside this field will cause certificate validation failure. Copy **only** the certificate data into this field.|
+|X509 Public Certificate|(*Required*) The X.509 Base-64 encoded certificate body. Do not include the `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----` lines or portions of the CER/PEM formatted certificate.<br><br>Extra spaces, carriage returns, and other extraneous characters inside this field will cause certificate validation failure. Copy **only** the certificate data into this field.|
 |Outbound Signing Algorithm|The algorithm your IdP will use to sign SAML responses/assertions. Options include:<br>-<http://www.w3.org/2001/04/xmldsig-more#rsa-sha256> (*default*)<br>-<http://www.w3.org/2000/09/xmldsig#rsa-sha1><br>-<http://www.w3.org/2000/09/xmldsig#rsa-sha384><br>-<http://www.w3.org/2000/09/xmldsig#rsa-sha512>|
 |Allow Unsolicited Authentication Response|Login with SSO currently **does not** support unsolicited (IdP-Initiated) SSO assertions. This checkbox is planned for future use.|
 |Disable Outbound Logout Requests|Login with SSO currently **does not** support SLO. This option is planned for future use, however we strongly recommend pre-configuring this field.|

_articles/plans-and-pricing/families-for-enterprise.md

@@ -70,3 +70,21 @@ To redeem your sponsorship:
 {% callout success %}
 **Congratulations!** If you're new to using Bitwarden Families Organizations, we recommend checking out [this article]({{site.baseurl}}/article/getting-started-organizations/#get-to-know-your-organization) to learn the basics.
 {% endcallout %}
+
+## Frequently Asked Questions
+
+#### Q: Can I redeem with the account that's a member of the sponsoring Enterprise?
+
+**A:** No. Upon redemption, you'll be asked to enter a **personal email address** that you own. If you already have a personal Bitwarden account, enter that account's email address. If you don't, enter a personal email address for which you want to create a personal Bitwarden account.
+
+#### Q: Can I redeem for my existing Families Organization?
+
+**A:** Yes! Redeeming a sponsorship for an active Families Organization will immediately switch you to a sponsored subscription and add prorated account credit for the time remaining on the subscription you've paid for.
+
+#### Q: Can I add additional storage?
+
+**A:** Yes, however only 1 GB is included in your sponsorship. More storage can be added at any time and doing so will charge your payment method on file.
+
+#### Q: What happens if I leave the Organization sponsoring me?
+
+**A:** If you leave or are removed from the sponsoring Organization, your payment method on file will be charged at the next billing interval. If, however, you manually end your sponsorship from the **Settings** → **Free Bitwarden Families** screen, your payment method will be immediately charged.

_articles/two-step-login/setup-two-step-login-fido.md

@@ -46,9 +46,9 @@ Complete the following steps to enable Two-step Login using FIDO2 WebAuthn:
    You will be prompted to enter your Master Password to continue.
 
 5. Give your security key a friendly **Name**.
-6. Plug the security key into your device's USB port and select **Read Key**.
+6. Plug the security key into your device's USB port and select **Read Key**. If your security key has a button, touch it.
 
-   If your security key has a button, touch it.
+   {% callout info %}Windows Hello is natively a FIDO2 authenticator. If you're using **Windows Hello** but want to register a key or other device, you may need to dismiss the native Windows Hello prompt by selecting **Cancel** on the following screen: <br><br>{% image two-step/windowshello.png %}{% endcallout %}
 
 7. Select **Save**. A green `Enabled` message will indicate that Two-step Login using FIDO2 WebAuthn has been successfully enabled and your key will appear with a green checkbox ( {% icon fa-check %} ).
 8. Select the **Close** button and confirm that the **FIDO2 WebAuthn** option is now enabled, as indicated by a green checkbox ( {% icon fa-check %} ).