
How Passbolt Secures Your Data

Passbolt uses end-to-end encryption to protect your credentials. This means your passwords are encrypted on your device before they leave it, and only you (and the people you choose to share with) can decrypt them. Not even the server administrator or passbolt's cloud hosting team can read your data.

Tip: For the full technical details, see the passbolt security page.

What data is encrypted?

Passbolt encrypts two categories of data:

  • Secrets: passwords, TOTP codes, secret notes, and custom field secret values are always encrypted, regardless of configuration. Only the people a resource is shared with can decrypt them.
  • Metadata: resource names, URLs, descriptions, custom field searchable keys, and icons can also be encrypted when using the v5 resource format. Whether metadata encryption is enabled depends on your organisation's configuration. See the metadata encryption admin guide for more information.

Where does encryption happen?

All encryption and decryption happens locally in your browser extension or mobile app, never on the server. The server only ever receives and stores ciphertext (encrypted data it cannot read).

The browser extension is cryptographically signed, so your browser can verify it has not been tampered with before running it. To learn more about why a browser extension is required, see Why do I need a browser extension?.

How is data encrypted?

Passbolt uses the OpenPGP standard, a widely used open encryption standard. Here is how it works at a high level:

  • Every user has a key pair: a public key (shared with others) and a private key (kept secret).
  • When someone shares a password with you, passbolt encrypts a copy of that secret with your public key. Only your private key can decrypt it.
  • Each user who has access to a shared resource receives their own individually encrypted copy.
  • Secrets are also digitally signed, so you can verify they came from a trusted sender and have not been altered.
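
The sharing model in the list above, as an added example that is not passbolt's code: Node's built-in crypto (RSA-OAEP, AES-256-GCM and Ed25519) stands in for OpenPGP so the example runs without dependencies. The names `newUser`, `shareSecret` and `openSecret` and the sample secret are hypothetical.

```javascript
const crypto = require('node:crypto');

// Hypothetical user record: one key pair to receive secrets, one to sign them.
function newUser(name) {
  return {
    name,
    enc: crypto.generateKeyPairSync('rsa', { modulusLength: 2048 }),
    sig: crypto.generateKeyPairSync('ed25519'),
  };
}

// Sender's device: sign the secret, then encrypt one separate copy per recipient.
function shareSecret(secret, sender, recipients) {
  const data = Buffer.from(secret, 'utf8');
  const signed = Buffer.concat([crypto.sign(null, data, sender.sig.privateKey), data]);
  const copies = {};
  for (const r of recipients) {
    const sessionKey = crypto.randomBytes(32); // fresh key for every copy
    const iv = crypto.randomBytes(12);
    const aes = crypto.createCipheriv('aes-256-gcm', sessionKey, iv);
    const body = Buffer.concat([aes.update(signed), aes.final()]);
    copies[r.name] = {
      wrappedKey: crypto.publicEncrypt(
        { key: r.enc.publicKey, oaepHash: 'sha256' }, sessionKey),
      iv, body, tag: aes.getAuthTag(),
    };
  }
  return copies; // ciphertext only: this is all a server would store
}

// Recipient's device: unwrap with the private key, decrypt, verify the sender.
function openSecret(copy, recipient, senderSigPublicKey) {
  const sessionKey = crypto.privateDecrypt(
    { key: recipient.enc.privateKey, oaepHash: 'sha256' }, copy.wrappedKey);
  const aes = crypto.createDecipheriv('aes-256-gcm', sessionKey, copy.iv);
  aes.setAuthTag(copy.tag);
  const signed = Buffer.concat([aes.update(copy.body), aes.final()]);
  const signature = signed.subarray(0, 64); // Ed25519 signatures are 64 bytes
  const data = signed.subarray(64);
  if (!crypto.verify(null, data, senderSigPublicKey, signature)) {
    throw new Error('signature check failed: sender not trusted or data altered');
  }
  return data.toString('utf8');
}
```

Opening a copy with another user's private key, or checking it against a different sender's public key, throws instead of returning the secret.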

What is your private key?

Your private key is generated during your initial account setup. It is stored locally on your device and is never sent to the server in cleartext.

Because your private key is what allows you to decrypt your passwords, losing it means losing access to your data. There are two ways to recover if that happens:

  • Recovery kit: during setup you can download a file containing your private key. Store it somewhere safe and use it to set up your account on another device. See Account recovery setup for instructions.
  • Account recovery with admin approval: if your organisation has enabled this feature, an administrator can help you regain access. Your private key is backed up (encrypted) on the server during enrolment, and an admin must approve the recovery request before you can set a new passphrase. See Account recovery when you lost your private key or Account recovery when you lost your passphrase.

Warning: Download and safely store your recovery kit during setup. If your organisation has not enabled account recovery, the recovery kit is the only way to regain access to your account.

What is your passphrase?

Your passphrase protects your private key. Every time you log in, you enter your passphrase to unlock the private key so it can decrypt your data. The passphrase itself is never sent to the server. Passbolt uses a challenge-based authentication protocol (GpgAuth) that proves you hold the key without revealing your passphrase.

Choose a long, unique passphrase that you do not use anywhere else. A passphrase made of several random words is both strong and easy to remember.

Tip: You can change your passphrase at any time from your profile settings. See Change your passphrase.

What is the metadata key?

When metadata encryption is enabled, passbolt uses a separate shared key to encrypt resource metadata (names, URLs, and descriptions). This key works differently from your personal key pair:

  • The metadata key's private half is itself encrypted individually for each user who needs it.
  • For resources that are not shared, a personal metadata key can be used instead of the shared one.
  • From your perspective as a user, metadata encryption is transparent. Everything is handled automatically by the browser extension.

Info: Metadata encryption is configured by your organisation's administrator. For details, see the metadata encryption admin guide.
