Password Recovery

I am using passbolt 4.6.2 community edition and I want to customize it to be able to recover account if the user has forgotten password as well as lost the recovery kit. I know it is available in the Pro edition but is there a way to do it in the community edition?

1 Like

Hello @zain.abedin , welcome to the forum :wink:

How much users do you have or do you plan to have in the future? IMHO, I think it might be less costly to migrate to PRO especially if account recovery is a feature that you really need. There is also other features that could interest you such as SSO, Users Provisioning via LDAP, more control due to more policies settings etc…

Btw, you’ll have 14 days trial and we already have some dedicated guide to migrate from CE to PRO if you want to keep your current configuration. :slight_smile:

I am aware that the option is available in pro edition but I want to stay in the community edition and want to customize it to make that option available if it is possible.

Here is a camping-car:

Here is another camping car:

You would like the second one for the price of the first one with the yellow car included.

Your question is quickly answered: it is not possible.


One way to implement account recovery in the CE is to ask users to share their private key and passphrase with you. It’s actually quite simple to implement.

1 Like

You are so funny! where did you learn these jokes? Did you watch tutorials on youtube?

1 Like

Ha ha :joy:

You are not so far from truth, as I made some YouTube videos :stuck_out_tongue_winking_eye:

Regarding your initial topic, @remy’s reply is the best match for community edition.

Best regards,

1 Like

@antony This is very misleading. If the “recovery-kit” can’t be used to recover the account without the passphrase, then its not a recovery-kit at all. I can see locking the recovery of the private key behind the pro paywall but if I have the users private key, I should be allowed to reset their passphrase.

If I’m self-hosted using CE and a user forgets their passphrase, then there is no way for them to get back into their account. Am I correct in my understanding of this?

Currently in CE, if a user loses the passphrase and recovery kit, it is not possible to recover the account because all passwords are encrypted and you will not be able to decrypt them. If there was a possibility, it would be a security risk.

If you forgot your passphrase and you have your recovery kit, you should be able to recover your account using it. At least this was possible in the past, I don’t know if it will be possible now.
Also, keep in mind if I remember correctly, that for administrator users the private key is encrypted with the passphrase so you will need both to recover your account.

Of course. I have the recovery kit.

Whenever I try, I get a “contact your admin” message and it prompts to send an email but the email never arrives.

Maybe you have a problem with your email settings. Have you checked the healthcheck or tried sending a test email?
You can query the database to get the email data and create the link as a workaround.

We get all the other emails just fine. Health check comes back clean. Are you using CE? If so, can you test this scenario on your system?


Tested again. Email all went through this time. I must’ve just missed them before. However, as stated above, if a user forgets their passphrase, the only option is to delete the account and create a new one.

@antony Are there any plans to add this to CE in the future?