For us it would be crucial to change the default value of the description field in Passbolt 3.2 from «crypted» to «unencrypted».
We are currently using this field as a shared search attribute across several team members. I am aware that the lock may be clicked to avoid the value being encrypted, but I am also pretty sure that this will be forgotten frequently, and once the value has been saved encrypted, it can’t be undone.
Passbolt follows the “secure by default” principle, which is why we opted for the description to be encrypted by default unless the user clicks on the lock. There are competing requirements within the community on this topic, however.
Hi Rèmy
Thanks for your response. I totally understand your approach and, I have to admit, find it to be the right default. For our purpose it would be more than sufficient if the default value could be changed from “crypted” to “unencrypted” via a configuration variable or similar. I believe this proposal could pretty much mitigate the competing requirements.
@marcd yes, that would do the trick; however, this introduces the risk that, in certain scenarios, an attacker is able to change the configuration to a less secure default, so we need to cater for this too (through signatures, for example) or accept this “downgrade attack” risk. I think we can accept this risk, but if anyone in the community has some feedback on this, we’d be happy to hear about it.
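The “signatures” mitigation mentioned in the reply above, as an added example that is not part of the thread and not Passbolt’s own code. It assumes a hypothetical settings struct with a single `encrypt_description_by_default` flag, an administrator-held Ed25519 private key, and a public key deployed next to the application. The server only honours a less secure default if the serialized settings verify under that public key; a config file edited in place (the downgrade attack) or re-signed with an attacker’s own key is rejected and the secure default is kept. A symmetric MAC would not help here, because an attacker who can edit the config file on the host could usually read the MAC key too.

```go
// Added example (not Passbolt code): a signed configuration default, so that an
// attacker who can edit the config file cannot silently downgrade
// "encrypt description by default" without holding the administrator's key.
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

// SecurityDefaults is a hypothetical settings struct; only the field this
// thread is about is modelled.
type SecurityDefaults struct {
	EncryptDescriptionByDefault bool `json:"encrypt_description_by_default"`
}

// SecureDefaults is what the server falls back to whenever the signed
// configuration cannot be trusted: the "secure by default" setting.
var SecureDefaults = SecurityDefaults{EncryptDescriptionByDefault: true}

// SignedConfig is the serialized settings plus a detached Ed25519 signature.
// The private key stays with the administrator (offline or in a secret
// store); only the public key is deployed next to the application.
type SignedConfig struct {
	Payload   []byte `json:"payload"`
	Signature []byte `json:"signature"`
}

var ErrBadSignature = errors.New("config signature does not verify; keeping secure defaults")

// SignConfig is run by the administrator whenever a default is changed.
func SignConfig(priv ed25519.PrivateKey, d SecurityDefaults) (SignedConfig, error) {
	payload, err := json.Marshal(d)
	if err != nil {
		return SignedConfig{}, err
	}
	return SignedConfig{Payload: payload, Signature: ed25519.Sign(priv, payload)}, nil
}

// LoadConfig is run by the server at startup. It returns the settings from
// the file only if the signature verifies under the deployed public key;
// on any failure it returns SecureDefaults together with an error.
func LoadConfig(pub ed25519.PublicKey, sc SignedConfig) (SecurityDefaults, error) {
	// Verify panics on a malformed public key, so check the length first.
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(pub, sc.Payload, sc.Signature) {
		return SecureDefaults, ErrBadSignature
	}
	var d SecurityDefaults
	if err := json.Unmarshal(sc.Payload, &d); err != nil {
		return SecureDefaults, err
	}
	return d, nil
}

// DowngradePayload models the downgrade attack: an attacker with write access
// to the config file flips the default to "unencrypted" but cannot produce a
// matching signature, so the original signature is left in place.
func DowngradePayload(sc SignedConfig) SignedConfig {
	payload, _ := json.Marshal(SecurityDefaults{EncryptDescriptionByDefault: false})
	return SignedConfig{Payload: payload, Signature: sc.Signature}
}

func main() {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}

	// 1. Administrator deliberately opts out of encryption by default: accepted.
	signed, _ := SignConfig(priv, SecurityDefaults{EncryptDescriptionByDefault: false})
	d, err := LoadConfig(pub, signed)
	fmt.Printf("admin-signed opt-out: encrypt=%v err=%v\n", d.EncryptDescriptionByDefault, err)

	// 2. Admin keeps the secure default; attacker edits the file in place: rejected.
	signedSecure, _ := SignConfig(priv, SecureDefaults)
	d, err = LoadConfig(pub, DowngradePayload(signedSecure))
	fmt.Printf("tampered file:        encrypt=%v err=%v\n", d.EncryptDescriptionByDefault, err)

	// 3. Attacker re-signs the downgraded config with a key of their own: rejected.
	_, attackerPriv, _ := ed25519.GenerateKey(rand.Reader)
	forged, _ := SignConfig(attackerPriv, SecurityDefaults{EncryptDescriptionByDefault: false})
	d, err = LoadConfig(pub, forged)
	fmt.Printf("attacker re-signed:   encrypt=%v err=%v\n", d.EncryptDescriptionByDefault, err)
}
```

The signature covers the serialized settings as a whole, so any change to the file, not just this one flag, fails verification, and the failure path deliberately returns the secure default rather than refusing to start.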