Account recovery without passphrase?

So I’m struggling to understand account recovery (Community Edition, self hosted) and the role that the private key file plays.

What is account recovery for, if the passphrase is a requirement for recovering the account? Is that not like a forgot-password tool asking for the current password in order to reset it?!

According to this doc, Passbolt Help | How to recover an account?, there should be a step where the user can enter a new passphrase, but in all my attempts, the recovery process always asks for the user's passphrase, which is the reason for the recovery in the first place!

What am I missing here?

So we have two things called account recovery which is probably contributing to the confusion here.

One is more of a "set up a new browser or log in on a new device" case. In that case you need the recovery kit (private GPG key) to set up the extension in the new browser or device. You need this recovery kit to decrypt the secrets stored in passbolt.

The other account recovery is a pro feature which gives an admin of the instance the ability to set up an organization key. Users can then have their recovery kits and passphrases encrypted with that key and stored on the server, so if they forget the passphrase or lose the key, an admin can help them get back into their accounts.

Does that clear up what is happening?

Ah, so on the Community Edition, with no passphrase, it's a delete and re-create jobby? Gotcha!

2 Likes

Hi. We understand the issue but as soon as a user is deleted, all folders, subfolders and passwords that this user had created are deleted accordingly. Is there any way to reset the password without deleting the account?

It is practically impossible for us as administrators to make our colleagues remember all the passwords they have to have, it is a constant fight.

We have tried to change the password via cli and we have not been able to do it either. Help please!!!

@it_i-mas If your goal is to cut a particular user's access to passbolt but keep all the passwords they've created and their access, you should suspend the user instead of deleting them.

Check out the suspended user feature: Introducing the Suspended User Feature

Apart from that, in CE, if a user forgot the passphrase and/or misplaced the account recovery kit, then the user needs to be deleted & recreated. There's no other straightforward way.

Wow ok. This experience has convinced me to walk away from Passbolt. I was willing to work through the MASSIVE NUMBER of technical challenges during setup, but this? Suggesting “just delete the user and all their passwords” as the solution to a forgotten passphrase is completely unacceptable for a product designed for businesses.

The very first user I set up mistyped their passphrase, and while trying to recover their account, I found this thread. The fact that your official response is to wipe out a user’s passwords, effectively locking them out of their work and forcing them to reset access to every service, is absurd.

I’m sure your team will hide behind the guise of “ItS mOrE SeCuRe” to justify this, but this approach is nothing short of a critical design flaw. A password manager’s purpose is to safeguard access, not make it impossible to recover. For a business tool, this kind of oversight is a deal breaker, because users forget their passwords… constantly… and that’s the whole thing this tool is designed to fix.

Passbolt has potential—it works well in many ways—but this glaring flaw makes it unfit for professional use. I'll be moving on to find a solution that better supports the realities of real-world business operations, and you should really consider a solution that at least HAS a recovery option.

If you are searching for a business tool for business use-cases, just use the pro version, not the community one for individuals :person_shrugging:

2 Likes

Hey @griffinwebnet,

Let me clarify why Passbolt handles account recovery the way it does and how it relates to the security model.

Passbolt uses asymmetric encryption, where each user has a pair of keys: a public key (used for encryption) and a private key (used for decryption). In Passbolt, the private key is further encrypted with a passphrase chosen by the user. This additional layer of security ensures that even if the private key is accessed, it cannot be used without the passphrase.

This design choice means that if a user forgets their passphrase, the private key cannot be decrypted, making it impossible to access stored passwords. It's not a limitation of asymmetric encryption itself, but rather a security measure, where no one, not even administrators, can access your data without your passphrase.

For organizations needing a recovery mechanism, the Pro version includes an organization recovery key. This feature allows private keys to be encrypted with a central recovery key pair, enabling secure recovery of accounts when a passphrase is lost.

3 Likes

Welcome to the forum @griffinwebnet.

We strive to maintain a constructive and respectful environment. Spreading fear, uncertainty, and doubt (FUD) is not allowed here; please read the code of conduct: Passbolt | Code of conduct. While we understand the frustration when things don't work as expected, there are better ways to collaborate and find solutions together.

Thank you for contributing to a positive community experience!

4 Likes