Security and privacy by design

Passbolt is used by governments, the defence sector, regulated industries and privacy-conscious organizations. Passbolt security model is built on strong foundations:

  • End-to-end encryption
  • 100% open source
  • Interoperable crypto
  • Granular access rights
  • Audited & auditable
  • No tracking

Encryption you can trust

Signed operations

All secrets are signed, it is possible to verify cryptographically for each secret the identity of the user that has created it. The integrity cannot be compromised.

Secret control

Full private key control

Users can choose to use their own PGP secret key for a full control of their data encryption. Alternatively, the secret key will be generated at the account creation.

Interoperability

Secrets can be decrypted and used easily on other systems thanks to the large OpenPGP software ecosystem. For instance, you can configure passbolt to automatically send you email notifications containing PGP encrypted secrets of the passwords you can access and decrypt them directly from your inbox.

End-to-end encryption

The secret key is never sent to the server, not even encrypted. Only you own it. Consequently, it is not possible for an attacker to decrypt the data or capture the user secret key, even if the server is compromised.

Open standards

Open standards

Passbolt is based on OpenPGP, an open and extensible encryption standard which provides confidentiality and integrity, and relies on well known algorithms.

Granular access rights

User permissions are set at a password level and secrets are encrypted once for each user that can access it. Revoking a user access means removing the secret from the database and the ability to decrypt future versions.

Self-hostable server, for maximum privacy

If your data are truly yours, you should be able to control where they are located. This is why Passbolt server can be self-hosted inside your own infrastructure: from a raspberry pi inside your office to a High Availability setup hosted at your favorite supplier, you are the one in charge.

Once downloaded and installed, Passbolt server is yours:

  • Fully autonomous, no 3rd party service: Passbolt server works as a standalone component. It is fully open source and doesn’t require any third party service to be functional by default.
  • Behind your firewall: Passbolt doesn’t require an internet connection access to be functional. It can be completely isolated, protected by your own firewall rules.
  • No trackers: We cannot track what Passbolt servers are doing, we don’t know where they are and don’t want to know. Our servers do not send usage data or any form of analytics to us.
Check installation guides

Security in the browser

Signed code

All critical operations are done by the extension. It is not possible to compromise the security of the cryptographic code if the server is compromised.

Automatic updates

Passbolt extension updates are rolled out automatically by default, preventing your users from running outdated or unsecure software.

Anti-phishing

Passbolt requires your users to set a security token that will be displayed when entering their passphrase. That helps prevent phishing attacks.

Strong authentication

Challenge based authentication

Passbolt relies on GpgAuth, an authentication protocol that requires both the server and client to solve a challenge, e.g. produce the proof of the private key ownership.

Bruteforce attack prevention

Each login attempt requires a separate challenge. Unlike other password managers that rely on a master password hash.

Multi factor authentication

Multi factor authentication

Passbolt requires something the users know (passphrase) and that they own (private key) to login. It is possible to add additional factors using Yubikey, Duo, or TOTP.

Protection against data breaches

Have I been pwned?

Passbolt protects you from reusing a passphrase that has been used on hacked websites.

Password generator

Passbolt reduces password reuses for your users and its password generator proposes secure default options with high entropy. Go ahead, forget your passwords!

User input required

The user input is required in order to fill in credentials on a login form and only make relevant suggestions. This prevents unintentional data breaches.

Audited

Passbolt code, client and server is regularly audited by third parties.

Cure53 logo

Cure53

Passbolt security model, front-end code as well as back-end code has been fully audited by Cure53 in 2021.

SOC2 logo

SOC 2

In 2021 we got successfully audited for SOC 2 Type II. Report is available to customers on demand.

Auditable

Passbolt is 100% auditable by anyone who would like to see for himself how our security model works in practice.

Open source logo

100% open source

Passbolt is 100% open source, even the commercial version. If you don’t trust the third party audits, you have the freedom to audit it yourself.

Bug bounty

We reward security researchers who audit our code and identify vulnerabilities.

Audit reports

h
k
c
a