Q: How "secure" is Passbolt actually?

First of all, thanks for this great product. I love it.
I have a few things that I want to make clear.

  1. What happens if someone steals all the data stored on MySQL server that I use for my Passbolt instance? Are my passwords safe? My guess is “yes” because they’re saved encrypted.
  2. What happens if someone compromises the instance I’m running Passbolt on? Are my passwords still safe?

I’m pretty sure I’ve read through the FAQs, but I didn’t get my answer.
Thanks!


Hello @y.k,

  1. Yes. If an attacker steals the MySQL server database, via an SQL injection for example, they will not be able to decrypt the data. Unless they can break RSA for the key length you have selected, that is.

  2. Yes and no. If an attacker has root access on the server they can change the results of the requests such as “what is the key for user X” or “who is a member of group Y”, and trick users into sharing passwords with them. So they won’t be able to decrypt all the passwords right away, but they could progressively get access to them. We will build additional security mechanisms to mitigate this risk in the course of the year.

Hello @remy, thanks for a quick and clear response!
So, in the second case, my understanding is that if an evil attacker takes control of the server, they can rewrite the JS (and maybe PHP too) code so that the first time other users access the tampered Passbolt page, all the passwords they have would be shared with the attacker. But it’s impossible for the attacker to obtain all the passwords stored on the server only by running some commands on the shell. Is this right?

Thanks.

the first time other users accessed the tampered Passbolt page all the passwords they have would be shared to the attacker

No, actually the attacker would need to actively trick users into sharing the passwords with the attacker. They cannot access the user passwords just by running/sending corrupted PHP or JS code; it requires a user action to share the password with the attacker. This will be fixed using signatures, e.g. the client will verify that the list of the users in a group is signed by the group manager, for example.

Another attack vector is the Mozilla or Google Chrome extension service. An attacker with access to the service could serve a malicious extension version that sends the data back to the attacker. It would still require user input to decrypt the passwords prior to sending them. We do not consider this a likely scenario (as extensions are signed with a key only owned by passbolt). If this is part of your threat model, you can compile and serve the web extension to your users yourself (but you’ll miss out on the automated updates, unless you build that too).

Now everything is clear. Thank you very much!


Hi all,

This probably isn’t the right place to post this, but Avast is flagging the Firefox Passbolt extension as Unreputable.


Figured the right people will know what to do about it.

*New to discussion forums, but familiar enough with people. I’m not running Avast, and would definitely not want to have the conversation about it with my colleague who called it to my attention :stuck_out_tongue: *

Thanks for bringing this to our attention, @GeorgeK. I’m not sure how Avast does their rating, but something seems off.

I switched from Avast to Windows Defender, that’s why :sweat_smile:
Avast was creating issues lately and I had to figure out a way. Even a few comparisons between Windows Defender and Avast like this one https://www.reviewsed.com/windows-defender-vs-avast/ made up my mind to finally switch from Avast to Windows Defender.

Hi @remy,

Regarding the safety, how do you handle the following scenario:

MalAdmin changes the Passbolt code to send his public key instead of the user’s when sharing is involved. When the encrypted shared password is returned from the client, MalAdmin saves it, decrypts it, re-encrypts it with the original recipient’s public key and “shares it to the original recipient”.
From the user point of view everything works as expected.
MalAdmin, however, gains access to any shared password.

Is something like this possible?

Thanks.

Has this issue been resolved for answer 2?

“Yes and no. If an attacker have root access on the server they can change the results of the requests such as “what is the key for user X” or “who is a member of group Y”, and trick users into sharing passwords with them. So they won’t be able to decrypt all the passwords right away, but they could progressively get access to them. We will build additional security mechanism to mitigate this risk in the course of the year”.

Hello @rcolinger,

There have been no changes on risks associated with key trust issues.
You can check the security whitepaper for more information:

@rcolinger I created a backlog entry for this story: As a user I can add and review public key signatures and set trust levels on public keys