Pasbolt Docker main page

Hello guys, im chekyng passbolt docker and I’m in a strange situation… after creating a user via CLI I can log in via web bronser without problems witch activation link, but if I log in with another user … I can’t log in with the previous user (I reinstall the extension) and he always redirects me to the RECOVER page “https://passbolt.local/auth/login?redirect=%2F&locale=en-UK” and says that ll send me a new EMAIL, however I do the activation ONLY with CLI the link provided and ll not receive … any suggestion? ( if I delete and recreate the user I can enter with the new CLI activation link. )

Checklist
[ x] I have read intro post: About the Installation Issues category
[x ] I have read the tutorials, help and searched for similar issues
[ x] I provide relevant information about my server (component names and versions, etc.)
[ ] I provide a copy of my logs and healthcheck
[x ] I describe the steps I have taken to trouble shoot the problem
[ x] I describe the steps on how to reproduce the issue

Hi @Rick :wave: and welcome to Passbolt Community forum :hugs:

Passbolt password encryption works in an asymmetric way with a GnuPG key pair.
When you share a password with another user, you encrypt the password with his public key. So you ensure this user will be able to decrypt with his private key. If the user loses the private key, he won’t be able to decrypt his passwords anymore, that’s why it is very important for each Passbolt user to keep the private key in a safe way.

Passbolt server contains only public keys and your private key is located in your Passbolt browser extension. The extension can own only one user account at once, so if you want to connect with another account, you have to perform an account recovery.

Passbolt relies heavily on emails as it is part of the security model:

  • Email address validation during account creation
  • Email authentication during account recovery
  • Notifications on important user actions that have a security impact.

Creating the first admin user via CLI is mandatory with docker but for other users, email will be sent. Having a working email setup is essential if you want to use Passbolt securely.

Don’t hesitate if you have further questions.