Passbolt 5.6 called “Big Jet Plane” is now available (release notes: v5.6.0) and continues the 5.x series’ focus on new resource types, encrypted metadata, usability, and operational control.
This release introduces standalone notes to store sensitive secrets beyond passwords and shared metadata key rotation to give organisations stronger control over their encrypted data. This release also delivers several long-awaited usability improvements that make the day-to-day experience smoother.
Standalone notes
Many security teams manage sensitive data and not just passwords: SSH configs, API tokens, deployment instructions, certificate chains, etc. Earlier versions left this material attached to credentials, which fragmented workflows, access control and auditing.
Standalone notes formalise this content as a new resource type. Notes carry the same end-to-end encryption, sharing model, and audit trail as passwords, and support up to 50 KB of plaintext. When encrypted metadata is enabled, notes sit alongside other resource types in the workspace and are rendered obfuscated by default with an in-place visibility toggle.
Administrators can control availability of the new resource type in the “Allowed Resource Types” of the organisation settings workspace, where enabling or disabling standalone notes affects all users.
Import and export flows have also been updated: text-only entries are now recognised as notes and handled accordingly. This applies to CSV and KDBX formats, including those originating from KeePass, Bitwarden, or 1Password.
Shared Metadata Key Rotation
Encrypted metadata has become the foundation of modern Passbolt features, including custom icons & colours, multiple URIs, custom fields and now standalone notes. In 5.6, administrators gain the ability to rotate the shared metadata key directly from the administration settings, without requiring manual reconfiguration or downtime.
This change brings administrative flexibility closer to established security standards. Key rotation is essential for maintaining forward secrecy: once a rotation is completed, any former member of an organisation can no longer decrypt resources metadata. The feature supports both periodic rotation policies and ad-hoc re-keying events, such as staff offboarding.
The rotation workflow is fully integrated into the existing encrypted-metadata administration pages. Before initiating a rotation, the system verifies prerequisites and displays the scope of affected items. During the process, progress indicators provide feedback while resources are re-encrypted with the new key. Be patient, it can take some time!
The interface also includes clear safeguards: rotation is disabled while an unfinished migration is in progress, preventing inconsistent states. Administrators are informed if legacy unencrypted metadata is still allowed, as this would reset migration status. These measures are designed to reduce operational risk while maintaining transparency about encryption posture.
Resizable Sidebars
User interfaces that scale with organisational growth are as important as performance. In Passbolt 5.6, the main workspace and the Users & Groups view introduce resizable sidebars, addressing one of the longest-standing usability pain points.
In previous versions, sidebar widths were a fixed percentage of the window, which became limiting when working with deeply nested folder structures. The new implementation allows dynamic resizing of both left and right panels and the layout maintains sensible boundaries to preserve readability. In the main workspace, for example, the grid remains at least 580 pixels wide, while the sidebars adjust between roughly 15 % and 25 % of the screen. Double-clicking the resize handle resets panels to their default width.
This change makes navigation more efficient for large organizations with extensive resource trees or specific naming conventions. The improvement is purely client-side, does not affect performance, and aligns with Passbolt’s continuous UX/UI improvement: small, reversible adjustments that remove daily friction without introducing visual inconsistency.
Performance and Stability Improvements
Passbolt 5.6 also includes several internal optimisations and bug fixes.
- Large group updates are now split into smaller API requests, reducing the likelihood of timeouts in organisations with thousands of users.
- Folder sorting now uses natural number ordering, improving readability in hierarchies that combine names and numeric identifiers.
- Account-kit export has been adjusted to better handle large, armoured private keys.
- On the Pro edition, the LDAP integration library has been updated to version 3, and the SCIM health-check has been standardised with other endpoints for consistency.
What’s Next?
Passbolt 5.7 (November 12th, 2025)
The next major update, Passbolt 5.7, is scheduled for November 2025 and will introduce Secret History: the ability to access and review previous revisions of a resource’s secret. This feature is under active development and represents the next step in providing fine-grained traceability while maintaining full end-to-end encryption.
Passbolt 5.8 (November 10th, 2025)
Passbolt 5.8 is scheduled for release in December 2025 and will introduce dynamic group management, allowing administrators to create additional roles and fine-tune access permissions.
Stay up to date
To remain informed about all Passbolt updates and community activities:
- Subscribe to our newsletter.
- Follow us on LinkedIn, Mastodon, and BlueSky.
- Join discussions and get the latest announcements on the community forum.
Sign up for email notifications about new releases on the changelog page.
Thank you to the community for your continued support and contribution.
