Recap of The September Community Call

Hello everyone! :wave:

Did you miss the September Community Call? Don’t worry, you can still check it out. The full call is available on Youtube, and a complete recap of the discussion is provided below. This month, the format was revamped to include a keynote - Pierre gave an in-depth look at the Windows App, its progress and all the behind-the-scenes details you could wish for.

:clap: Contributor of The Month - 1:10

Shelby announced that this month’s Contributor of the Month is none other than @Duffman. Passbolt is very grateful to Duffman for his consistent and helpful activity in the community. They were also one of the first members of the audience at the very first community call. Duffman never misses an opportunity to support and interact with the Passbolt team and the community. He’s a legend here at passbolt and an integral part of the community. Thank you for all you do, Duffman.

:mega: Announcements - 1:28

  • Last Saturday, passbolt organised the CakeFest Satellite Event in Luxembourg.
  • The team is attending All Things Open in Raleigh, NC October 15 -17
  • Passbolt’s giving away free tickets to ATO, all you have to do is comment on this post.
  • Also attending IT-SA Nuremberg from October 10 -12.
  • Passbolt will be at FOSDEM in February 2024
  • In December, passbolt will be at the Open Source Experience in Paris
  • Also taking part in CyberDays Luxembourg
  • Attending a FIDO meeting in San Diego after All Things Open

:hourglass_flowing_sand:TOTP Features - 4:08

Kicking off the presentations, @benjamin showcased an update to TOTP portability. With the release of version 4.3, users can now access TOTP on both their mobile phone and in their browser. However, TOTP creation and editing is still restricted to the mobile app. Benjamin briefly demonstrated the appearance and functionality of TOTP using the browser version of passbolt.

:gear:Password Policies - 6:16

As Bob Ross once said, “There are no mistakes, just happy accidents.” In this case, the happy accident was another well-delivered presentation. A breakdown in communication provided an opportunity for an insightful look at passbolt’s password policies. @pabloelcolombiano showed how the latest version of the password policies function for both admins and users. And how passwords can be forced to be generated using either a more memorable passphrase or a default random-string, mixed-digit password.

:toolbox: User Passphrase Policies - 11:00

Benjamin jumped back in to demonstrate the new user passphrase policies (understand all the confusion now?). With version 4.3, admins can now manage policies for both new and existing user passphrases, aka their “master password,‘’ which is used to access their sensitive information stored in passbolt. These policies include setting minimal entropy and managing access to external tools that monitor if a passphrase has been compromised.

:desktop_computer: Deep Dive Into Windows Desktop App v0.3.0 - 13:00

As the keynote for this community call, @scadra provided a detailed look at the development of the Windows Desktop App, covering its architecture, how it works, the security methods, and further improvements planned for 0.4.0. @Remy contributed valuable insight into the projected timeline for the app’s public release, which includes an audit by Cure53, a period to address any findings from the audit, and planned updates to implement before launch.

:black_heart: Some Kind Words From Duffman - 32:16

Duffman really wowed the team with some heartfelt words recognising the efforts and mission of passbolt. Sometimes it’s hard to see the impact that community-driven development has on users, and Duffman’s words helped provide some validation. Everyone was basically speechless and the host, @Shelby, was dumbfounded (making it the perfect opportunity to share a new found discovery – jitsi camera effects, fireworks and hearts). Thank you so much for your appreciation and for chilling with passbolt on this crazy rocket ship. You rock, Duffman!

:telescope: What’s coming next? - 34:00

There are numerous features in development, here are some you can expect in upcoming releases:

  • Ability to disable users through the UX
  • More TOTP improvements
  • WebAuthn as an MFA Provider
  • Duo on Mobile
  • Export private key from Mobile
  • Password Expiry

:clapper: That’s a wrap

Another great community call on the books. Passbolt wants to hear from you: How can these calls be better for the community? What topics would you like to see covered? Comment below and stay tuned for details about next month’s community call!