How Does Passbolt Securely Share Passwords?

Hello there,
I just finished installing Passbolt on Debian 9 and quite pleased so far. However I would just like to get some clarification about how the sharing functionality works (at a broad/high level).

I read that Passbolt uses OpenPGP (in fact setting up a key with GPG was part of the setup), so I am guessing that:

  • public-key cryptography is being used, so each user has a public key and a private key.
  • the private key is encrypted using the passphrase users specify when they create their account.
  • the decrypted private key is not stored on the server. The encrypted version may or may not be.
  • the public key is stored on the server for each user.
  • If Joe wants to share a a password with Susan, he fetches her public key, and uses it to encrypt the password before that encrypted text is stored in her area for her to access.
    • Susan can then access the password by decrypting that text with her private key (which she decrypts with her passphrase).
    • Whenever the password is changed, by either user, it has to be re-encrypted for all users it is shared with, using each user’s public key.


Does each group have its own public and private key?

If there is a public/private key for the group, I guess each user has a version of the private key that is encrypted using their public key. When Joe adds Susan to the group, he decrypts the group private key using his private key before re-encrypting it with Susan’s public key, which is stored in an area for Susan to access.

In order for Joe to access a password in a group, he needs to have:

  • been given access to the group by being given an encrypted version of the group private key, which was encrypted using his public key.
  • decrypted his private key using his passphrase.
  • used his decrypted private key to decrypt the group private key.
  • use the decrypted group private key to decrypt the password in the group.

If a user is removed from a group does this just result in the user’s version of the group key being deleted, or does a new key get generated for the group and a whole bunch of re-encrypting the passwords etc?

How much of that did I get right? Perhaps there is a good webpage/wiki for me to read somewhere on how password sharing is implemented in Passbolt?

hi @programster,

You were right for the first part. One precision: the encrypted private key is not stored on the server for now, but we will offer this option in the future via an escrow system.

Concerning group share, you got it wrong (nice try though :slight_smile: ). There is no group keys. It works the same than sharing with individual users, e.g. each secrets are encrypted individually based on group membership. Meaning based on a given list of groups (and direct users) permission we calculate which users the password should be shared with, e.g. the server verify that a secret is provided for every group members before saving.

So when a user is added to the group, the group manager encrypt all the secret for all the resources this user should have access to thanks to the group membership. When a user is removed from the group only the secret entries related to that group are removed for that user (for example they may still have access if they have some direct permissions).

Perhaps there is a good webpage/wiki for me to read somewhere on how password sharing is implemented in Passbolt?

Unfortunately not, but we’ve been longing to do it for a long time. Hopefully we’ll get some time soon.
Feel free to ask questions here in the meantime!


Thanks for responding so quickly and clarifying that for me. :+1: