When i create or change a passwird in Passbolt, passbolt sends an E-Mail with the encrypted Passwor.
Can this Password be decrypted with every user who has access to it?
When i click on an Password in the acticity Tab a new Tab opens and the URL is like : extension://xxxxxxxxxxx/app/passwords/view/xxxxxxxxxxxxx
And the Browser shows the file is not available
And how is it meant to get a password history?
Hey @D3n ,
Thanks a lot for your post. You found a regression here, indeed, the URL should be https://<your_instance>/app/passwords/view/XYZ a ticket has been created with the following reference
PB-25816 and will most likely be fixed in the 4.2 that will be out next week.
In regards of your question for the encrypted password in email, this is your encrypted version that you are seeing (encrypted with your public key), so indeed, if you want you can decrypt it in command line.
- Create a Temporary GPG Home Directory:
- Import the Private Key to the Temporary Keyring:
gpg --homedir ~/temp_gpg_home --import /path/to/private/keyfile.asc
- Decrypt the File Using the Temporary Keyring:
gpg --homedir ~/temp_gpg_home -o output.txt -d encryptedfile.txt
- (Optional) Remove the Temporary GPG Home Directory: Once you’re done, for security and tidiness, you can delete the temporary GPG home directory:
rm -r ~/temp_gpg_home
Remember to replace
/path/to/private/keyfile.asc with the path to your private key file,
encryptedfile.txt with the name of your encrypted file, and
output.txt with the desired name for the decrypted output.
By keeping a copy of those emails it will give a kind of a password history.
Thanks for the Reply,
so when i am changing the password, every user should get an email, with the password and can decrypt it with theire own passphrase key combination or can just the user who changed the password can decrypt the password in the email