You may have noticed that the passbolt team generally does not like making comments on security incidents that affect other companies, whether they’re password managers or other online services. Many of you reached out to us, eager to get a sense of what risks you’re taking when you trust passbolt with secrets.
Well, here’s the thing: passbolt is a bit of an anomaly when it comes to password managers. It offers a unique architecture that’s tailored for secure collaboration and built on top of open standards. Does this mean there’s no risk? Of course not. But it does mean that the way we analyse and address risk is different.
The secret sauce is the key
Unlike traditional password managers, passbolt requires a randomly generated private key (which can also be provided directly by the user) that is truly independent of the end-user password. Passbolt combines this with asymmetric encryption, a form of encryption using a distinct public key for encryption and private key for decryption and signing. These keys are completely random and are not derived from the end-user password.
No credential stuffing
Passbolt protects your account from the dangerous tactics of credential stuffing. Even if an attacker manages to trick you into providing your passphrase they still won’t be able to access your account. By design it’s impossible for attackers to use popular passphrases from previous breaches to gain access, even if MFA is not enabled.
No “one password to rule them all”
Since the private key is required, even if an attacker manages to sneak past authentication, they wouldn’t be able to decrypt your content with only your passphrase. They’d need to get their hands on your private key first, and trust us, that’s no easy feat.
No private key distribution by the server
Don’t worry, your private keys are in safe hands — yours! Your private keys stay private, it’s never distributed by the server. With passbolt private keys never leave the cozy confines of your laptop or mobile devices local storage. Plus, when you need to transfer them between devices, we don’t rely on sending them to the server, instead we use QR codes that are generated and displayed in a secure browser extension sandbox.
No private key escrow by default
Passbolt strives to choose the most secure options as a default, disabling private key escrow is no different. When using passbolt pro or cloud you have the option to send your private key, encrypted with your organisation’s recovery key, to the server, so an administrator can help you regain access. This feature is disabled by default and clearly visible when enabled so you stay in control of your keys at all times.
No phoning home
With the ability to be self-hosted, even in air-gapped environments, passbolt is the perfect sidekick for those who value privacy. Passbolt works disconnected from the internet, even in the most remote situations, like local servers on ships or at industrial sites. You never have to worry about it “phoning home.” Plus, there’s no need to register an account or have an internet connection to get started. And no need to learn how to opt-out of a telemetry program, passbolt is all about the balance of user-friendly experience and privacy.
Anti-phishing protection
An anti-phishing token is an added layer of security that appears each time an end-user is prompted to enter their master password. It acts as a barrier against phishing attacks, preventing attackers from stealing a user’s private key by replicating passbolt with a malicious script or website.
No cryptographic code served by the server
Passbolt has your back when it comes to encryption and decryption. With our system, the code used for these processes is never served by the server. An attacker with server access can’t alter the cryptographic libraries or add some sneaky code to extract and send your server key elsewhere. How does it work? By making the browser extension mandatory. Sure it might feel like an inconvenience, but it’s worth it for the added layer of security. If you’re curious, learn more about the extension in this dedicated blog post.
No security theater
Putting on a show isn’t part of our objectives and it’s not even in our repertoire. We will openly challenge feature requests that promote “security by obscurity.” Passbolt is dedicated to genuine security, not the false sense of it. We have experts audit all of passbolts code regularly and always disclose their results. As a customer you can also request to look at our SOC2 Type II audited reports. Passbolt is proudly authentic, truthful, radically open, and refuses to participate in any form of security theater.
Share only what you need, or the principle of least privilege
Passbolt was made with business and teams in mind, that’s why it’s packed with features to meet the complex needs of organisations. When it comes to password management one size doesn’t fit all. That’s why instead of simple shared vaults (where you share an entire vault with an entire group of users), passbolt gives you granular control over permissions.
Everything in passbolt is personal by default. From there you can choose what you want to share.
Fine-grained permissions
You have complete control over who has access to what, so you can trust your sensitive information is only seen by the right people. Passbolt provides a granular approach where you can share one password, a selection of passwords, an entire folder, even customise access to a subfolder, a password in a subfolder…need we say more?
All it takes is one click and you can share a password while applying a permission type: read-only, update, or owner. This granularity ensures that passwords are only shared with users that really need them.
Granular encryption
On top of the granular permissions, passbolt also practises granular encryption. Each password is encrypted once for each user it’s shared with and there’s no encrypted copy kept for users without permission. In simpler terms, the encrypted data in passbolt follows the same rules as the access given.
It’s a step above the abilities of a simple shared vault or shared collection architecture where all passwords are shared by default (and in most cases a local copy is made from the first connection, something we’ll cover in the section about offline vaults).
Granular revocations
Passbolts granular encryption extends to revocations too. When a user’s access is revoked their encrypted password is immediately deleted. This may sound obvious but in many shared vaults or shared collections architecture revocation is not taken care of and is flagged as a residual risk (we’re not pointing fingers, but you should definitely have a look at how revocation is handled at the most famous password managers).
No offline mode
The passbolt support team is regularly asked why we don’t offer an offline mode and when this feature will be available. Here’s our take: offline mode for everyone is a security concern, not a feature.
Configurable offline mode is on the roadmap, but it will be disabled by default. It’s up to the discretion of the administrators to activate it and they’ll have to understand it comes at a cost. With other password managers offline mode is turned on from the beginning, which makes it impossible for the solution to reliably log the users activity.
We do understand that in certain cases users will need to export information and we’d never hold your information hostage. That’s why we offer an export feature. Currently, exports are either on or off for everyone which allows administrators to have a clear understanding of who has access to the export features and makes managing exports easy. We are working on making it more granular, customised, add access controls, and disable exports by default.
We practise radical openness
Open cryptography
Passbolt cryptography is based on a smaller, secure subset of the open standard, OpenPGP. By harnessing the power of well-known, more advanced algorithms like elliptical curve cryptography, this standard offers a high level layer to manage cryptographic activity. These algorithms are for example frequently applied in the creation of digital currencies.
Open source
When it comes to security, it’s a common misconception that open source is inherently less secure than closed source. In reality, the product’s security has little to do with the accessibility of the source code.
With open source software anyone can review the source code and assess the security, there’s no need to depend just on the vendor’s word. Passbolts code is 100% open source, fully licensed under AGPL, and hosted on github. Transparency is a crucial part of who passbolt is. We strongly believe in radical openness and encourage community collaboration and audits.
Open auditing
Linus Torvald famously said “given enough eyeballs, all bugs are shallow.” We agree, which is exactly why we don’t just provide access to the code, we make sure plenty of people are looking. With everyone major improvement of passbolt we have an independent third party review from security experts. We post their findings on our website for all to see, visit our incident report page to see for yourself.
What are the residual risks?
No solution is flawless, of course, but we take transparency seriously and are entirely upfront about any residual risks. Every new feature specification includes a section dedicated to risk analysis that is public. These risks are also summarised extensively in our security whitepaper. Here are what we consider the two main ones.
Metadata
Passbolt’s API-centric approach defaults to allowing users to search encrypted entries like passwords or descriptions using their name and URL. Common feedback passbolt receives is that this metadata should be encrypted by default. Most password managers rely on unencrypted metadata like content type, address, or creation date for functionality, but some choose to encrypt information such as password names and URLs.
It’s a delicate balance between providing auditability and search capabilities while minimising risks. Passbolt recognizes that for some, this balance can be too much. That’s why this year’s roadmap includes changes to provide administrators with more control over which data is included in the secret.
Human errors
As seen in some of the recent breaches, the majority of attackers will rely on unpatched systems and more broadly, human flaws, like one user having excessive access on a given system, access tokens not being encrypted, and even a carefully constructed phishing email. We make no claims to be impervious to such errors and encourage educating your team about cybersecurity to help with prevention.
Leading By Example in Security
Tearing down other companies is like trying to win a race by tripping your opponents, it’s not only unfair, but it makes you look bad. Passbolt aims to be a leader, not a bully.
Let’s play fair, and lead by example, not by mudslinging. Security is a team sport and a never-ending battle, it needs everyone’s contributions. Let’s not be too harsh about others’ mistakes, a little empathy goes a long way in ensuring a safer future.
Still curious about how passbolt’s security model works? Visit the website, read the security whitepaper, or ask us in the passbolt community.
