Desktop Application (Mac/Windows) - with browser extension encryption done in the app

Hi @Phenek yes to end of the year 2023 but must most likely before. Q2 would be realistic goal at the moment (we’re hiring in that direction).

We don’t have a repository at the moment, we have not selected the technology yet, but so far the consensus seems to push forward an electron app as we would be able to reuse most of the work we did for the browser extension. There are obviously some security considerations we need to look at more closely. There are some disadvantages also, for example not being able to / harder to be in the appstore.

1 Like

HOo you mean Electron.js, so you will stay on javascript, right?

Yeah I eard a lot about Electron vulnerabilities.
About the AppStore it’s because javascript can be updated from API, and it can lead to have malicious code that update it self from javascript without the user notifying it, either the software company.

I will follow this thread until you select the technology.
Thanks for your speed answer.

@Guardian42 I also test Padloc, at first it’s was impressive.
But at the end, It is not what I expected.

The browser extension do not communicate with the App,
when you unlock one the other one still lock.
So you have to unlock it manually everywhere…

The Biometry stuff seems to be limited with electron (did not works for me),
It’s a shame, because it’s a native computers’ feature now.

I was looking for the Download link…
Ok, take your time, the big shift of architectures is needed here.

How can we encourage this?
We only use desktop apps on our side.

We would be very happy to be able to encourage, help, follow this future desktop app closely.

Let us know :slight_smile:

1 Like


Just a quick update that we started working on this in Q1 2023. So we’ll share the results of our initial technical / security investigations and the code of a partial POC as soon as it’s ready. You will then be able to provide feedback as we move next to the design phase.


It’s going to be great, we’re hungry for news!
Let us know for any thread to follow


I’m not sure if you’re going to stick with JavaScript, for good?
If you take this step, please be aware that Microsoft Teams 2 has decided to stop using Electron.js and switch to WebView2 based on Chromium.
You could maybe take the same path?

1 Like

That’s definitely something we have been investigating, more info are going to be communicated very soon :eyes:

1 Like

i hope the LINUX version too :stuck_out_tongue:


First alpha version is out for windows:

We’ll move to other OS (Mac/Linux) once we’ve made more progress on this one. Currently, according the stats we have on webstores, 70% of passbolt users are on windows, so this is why the priority was given to the windows platform.

1 Like

I am reaching out because I noticed the title of this thread has been changed. Initially, it was titled “Desktop Application (Mac/Windows)” and now it seems to be marked as “Done!”
However, the Mac application is not yet available, and the Windows application is not yet on the stores.

I was the one who created this topic because I am directly impacted by the lack of support for Mac and the need for a more secure desktop application that works in tandem with the browser extensions.
(I am speaking about the big shift of architectures.)
This topic has drawn a lot of attention on the forum, gathering over 24k views.
I also think that a majority of people who found this thread are likely Mac users who were already searching for the Safari extension, and found this topic as well.

That’s why I respectfully ask you to restore the original title “Desktop Application (Mac/Windows)” , and at least change the status to something more representative of the current state of the development. For instance, marking it as “In Progress” would be more accurate given that the development is still ongoing.

I appreciate your understanding in advance and look forward to seeing the Mac and Windows applications available on the stores.

Best regards,

1 Like

Ok since this is unlikely to be done as per your requirements, I split the tickets into three and updated this thread ticket.

1 Like

Hi !

Will it be possible to store passphrase and unlock passbolt with fingerprint ? Like it is done on mobile app ?

If yes, will it be possible to unlock the extension with fingerprint if desktop app installed ?


The initial goal is to support this flow in the desktop application using the OS functionalities if they are present (microsoft hello, ios keyring, linux I don’t know). Then we can consider integration between the app and the browser extension. My experience with Mailvelope, these kind of integrations are brittle and thus create a lot of support requests.

We’re considering another method to enable biometric unlock on the desktop, using webauthn PRF extension. Explainer: PRF extension · w3c/webauthn Wiki · GitHub

1 Like

Do you have any information about Mac development?
We are really excited about this full integration.

It is certain that features such as biometrics or encryption in a heavy desktop application must be taken into consideration. It is certain that it will add more security credit to Passbolt.

1 Like

The PRF extension in the context of WebAuthn does not specifically mention biometric authentication. The extension primarily focuses on utilizing security keys (physical devices) and generating pseudo-random functions (PRFs) for encryption purposes.

PRF could be implemented for encryption purposes following the biometric authentication process in Passbolt to unlock the vault.
However, you will still need the native Biometry Support (Mac Touch ID, Face ID/ Windows Hello Fingerprint, Face)

As a Windows and Mac user myself, I am also excited to see advancements in Safari and the Mac desktop environment.

Having a desktop app as a vault for every browser extension seems like a robust security architecture.
The idea has won me over!

You indeed seems to have dificult to port actual javascript code to Safari or a desktop Mac application. Therefore, why not consider implementing Passbolt in a native or cross-platform framework that allows the use of native features?

Yes this would initially require a significant overhaul, in the long run, but you would have access to all the features platform specific.
This could truly be a game changer for the future.

Maybe Passbolt should be aiming multiple languages at the same time?

“70% of passbolt users are on windows”,
Yeah sure Mac users are still searching for a well implemented password manager.

This feature is a must to have, because this is crytical for mac users.

We are looking for the well-designed, well-polished, well-integrated, offering a great user experience.
with security first :wink:

Subscribed, followed, Hell Yeah!

1 Like

Mac users are willing to pay. That is the DEFINITION of a Mac user. If Passpolt has problems hiring devs, might I suggest that embracing the Mac crowd might be a cash cow?
One might even consider a stop-gap AppleScript solution that makes API calls just to get things moving.