Passbolt keeps asking for password for every usage of login

We are using passbolt, and for some time ago it’s like the Remember this session does not work.
So every time i need a login, it asks for my password even if i check the Remember until…

Is this a known bug ?

we have the same problem on 2 Passbolt Server. It looks like this post: Why are session timing out more rapidely since v2.11?

1 Like

Hi @kimsvane and @Holla_Die_Waldfee,

Indeed this is similar to Why are session timing out more rapidely since v2.11? . So this behavior is happening because since 2.11 we are actually more strict with session management (no auto-extension). But we understand that it introduces a confusion from a user standpoint between session duration and passphrase remembering.

We are working on an improvement which will be shipped most likely with the next release. With this fix, the session will not expire for as long as the passphrase is remembered. If "remember until I log out’ is selected, then the session will be kept active until the system gets in idle mode, the browser is closed or a manual logout is done.

In the meantime, extending the session time from the configuration should fix the issue.

Do I extend the session time in php? Is there a passbolt config option to over-ride the default in php?

Hello @Mdocken,

You can extend the php session timeout via the php config as mentioned in this comment: Why are session timing out more rapidely since v2.11?

It is also possible to extend the php session via the passbolt config file. As per the CakePHP documentation note that the you still need to override the php configuration session.gc_maxlifetime via the ini entries.

    'Session' => [
        'defaults' => 'php',
        // Session timeout in minutes.
        'timeout' => 20,
        'ini' => [
            // Please note that php.ini's session.gc_maxlifetime must be equal to or greater than the largest Session['timeout'] in all served websites for it to have the desired effect.
            'session.gc_maxlifetime' => 1440

I hope it will help you

We just published a new version of the extension that will automatically extend the session duration for the duration of the “remember my passphrase” period, as support cases and comments on forums here are showing this is what most users would expect.


1 Like

This issue seems to exist for Google Chrome as well. Would this fix the same session timeout I am experiencing?