paid pro cloud-hosted (fairly new) Passbolt user for a MSP.
Implemented Passbolt and enjoying the simplicity and security it provides.
Just have a query about recovering items when folders are deleted, in case I have missed something.
I understand one can set up email notifications to include password data to be recovered in the case of deletion, as per:
My query is: if a user accidentally deletes a folder with 2000+ passwords in it, how does one recover from that? Manually restoring each one?
Or, if a disgruntled employee intentionally goes through and deletes all the root folders and all items therein, how does one recover from such a situation?
hey @missingl welcome to the forum!
Generally speaking the way to recover here would be to restore these individually as you are on the cloud. Self hosted would have the option to restore a database backup.
The best way to avoid this is to make sure users don’t have the ability to do this. Our page on roles and permissions goes into more depth here, but the short answer is make sure as few users as possible have can update or owner permissions on a resource. This will prevent them from being able to delete the resource.
For the specific examples. An accidental deletion would be fairly difficult as they’d have to explicitly check a box to delete the passwords in the folder and the folder name is mentioned in the pop up as seen here(my folder name is delete this folder):
This makes it rather difficult to accidentally do this.
For the malicious user the only good solution is to make sure the permissions are set well everywhere.