Recover/undelete passwords

Iwan.v.kanten · June 2, 2023, 1:48pm

I have a use case here.

Just implemented Passbolt and I’m teaching my team to use it.
We have a shared folder where the group is the owner. Everyone should be able to add and update passwords that are used in the team.
One team member has accidentally deleted a few passwords in that shared folder.
Is there a way to recover the deleted passwords?

Ps. This is a self-hosted community edition.

Steph · June 2, 2023, 1:55pm

Hello @Iwan.v.kanten and welcome to the forum!

There is no way to directly recover a deleted password. However, there is one possibility maybe.
If you have the emails activated for password sharing with the encrypted password in it, then you might recover the password.
For that you will need that the recipient of the message runs a decryption of the data in the email with their own private key (that you will need to decrypt thanks to the its passphrase first).

I can try to guide through the decryption process but first, do you have the emails by any chance?

max · June 2, 2023, 2:11pm

@Steph is right, take a look at my answer here: As a user I can retrieve previous versions of a password - #19 by max
previous version or deleted if you enable the email notification with encrypted content you can have them.
It is not user friendly but its a valid disaster recovery.

SandPhoenixX517 · January 23, 2024, 4:42pm

@Steph Hello,
I am facing a similar issue. I have my private key and public key and I have the passphrase, can you forward me to the documentation part that allows me to decrypt an old version of the encrypted password that I received via an automatic email?
Thank you in advance,
S.

Steph · January 24, 2024, 8:18am

Hello @SandPhoenixX517 and welcome to the forum !

There is no Passbolt documentation that I remember that describes how to do that. Actually, it’s using PGP under the hood, so you might search for pgp/gpg commands if you wish more details later.

Meanwhile, you can proceed given that:

you have an encrypted message to decrypt
you have a private key that you can read (by that I mean, it is either decrypted or encrypted and you know its passphrase)
the encrypted message recipient is the owner of that private key
you have a gpg client installed on your machine

The first step would be to import the private key in the gpg keyring if it’s not already the case and then run a decryption command.

Let’s consider the following:

the private key to import is saved on a file called private.key
the text message to decrypt is saved on a file called encrypted.txt
the file where the decrypted message will be saved is decrypted.txt

Now you can run in a terminal:

gpp --import private.key
gpg -o decrypted.txt -d encrypted.txt

SandPhoenixX517 · January 24, 2024, 10:33am

Thank you @Steph
That helped a lot