Restore one or more specific passwords from SQL-Backup

Good Morning!

When testing passbolt I asked myself the following question,
is it possible that if only one or more specific password is lost, to recover it from a SQL backup without re-importing the whole backup and overwriting the database with it?
If so, will the same people and groups have access to it again?
Sorry if this has already been described somewhere

Thanks in Advance

Edit: One way that comes to mind is to import the whole backup on a mirrored passbolt server and then decrypt the required password and re-enter it on the actual server via the gui.
Or export it in a file and import it again on the main server of course.

@avax Interesting question. It might depend on what the definition of “lost” is. Can you elaborate a bit more on the scenario?

Hey @garret,

thanks for your response!

One example could be that a user who leaves the company in a bad relationship deletes passwords on purpose, or simply by a mistake of the user, users are capable of anything :sweat_smile:
I managed to reconstruct the password in a test scenario with a mirrored server, importing the sql dump of the main server and then export the “lost” passwords.
maybe there is a better solution for this in the future?


@avax Even though the original question was specific to SQL backups, there is actually an exciting feature that is in the works called Account Recovery. Here is a recent blog article which describes the same scenarios including the “bad relationship / malicious departure”: Account Recovery | by passbolt | passbolt.

Of course, there is already in place the ability for a new password to be emailed to the user in its encrypted form, and this can serve as a backup. There was not too long ago a particular case here in the forum where they lost the db or it got corrupted and the passwords were unshared. Those original emailed backups came in handy.

Thanks again @garrett for the response.

It’s actually the first time I’ve heard of the possibility to back up encrypted passwords via mail, can you explain how I can configure this?
And when can we expect the account recovery feature?

Edit: Found it, the passwords are sent with the email notification? Does this only apply to personal passwords?


@avax Yes, that’s correct.

Regarding ETA, announcements are typically more a matter the order of rollout and not a deadline.