user password lost

Hi everyone! This is my first time using the forum and I am not an experienced passbolt administrator. Having said that, I have a local installation of passbolt and my problem is that a user has forgotten the login password but has available the private key that he saved during configuration. The problem arises when he tries to restore, because in addition to the private key it asks for the password, which he does not have… Searching online, I find little information, or they refer to the PRO or Cloud version.

Can anyone help me?

Hello @oettam, welcome to the forum :slight_smile:

Unfortunately, it’s true that most of the time, users lose their private key and not the associated passphrase. Even though it is the opposite here, the result will be the same. In order to recover the account you need the possession factor, which is the private key, and the knowledge factor, which is the passphrase.

You are right about referencing PRO and Cloud. They both come with an account recovery feature which, once enabled, gives users the possibility to share their recovery kit with the server. Obviously, this has to be done before losing access.

In this case, the only solution would be to delete the user account and re-create it. Unfortunately, all of the unshared passwords would be lost.

Also, before deleting the account: we’ve seen similar issues where users type a white space at the very end of the passphrase while configuring the account for the first time, which sometimes leads to an incorrect passphrase. It is worth trying to add this white space at the end of what they have already tried.

Is it the plan for account recovery to be part of passbolt CE at some point?

Not in the near future. It is already possible for users to share their private key with another user in the CE (by creating a resource that does this); the account recovery feature just makes it more configurable.

Yes but the private key alone is not enough, right? We need the master passphrase as well.

@joe you can create a resource where you put the passphrase in the password field and the private key in the description.

True, although this relies on the user not changing their password :confused:

Not exactly, the passphrase is tied to a version of the private key, so changing the passphrase in passbolt won’t change the passphrase for the previously created entry.