Securely store, manage and share passwords without uploading anything to the cloud with Passbolt. What it is and how it works.
The use of online password managers has raised some concerns: some researchers have focused mainly on the key generation procedure used by LastPass and Bitwarden, while we have seen that browser password managers are not secure.
Finding the passwords saved in Windows is really very simple when data encryption solutions such as BitLocker or VeraCrypt are not enabled.
Passbolt is open source password management software designed for businesses and professionals looking to improve credential security. The application works as a centralized password manager that allows users to create, manage and share their passwords in a secure way. The software uses end-to-end encryption to ensure maximum password security.
Passbolt users can create personal accounts secured by a master password, which allows them to access their credentials from any device.
With Passbolt you can also create workgroups to share passwords with other team members without running the risk that credentials can be intercepted and stolen by unauthorized parties.
Passbolt uses the OpenPGP protocol to encrypt passwords, making them unrecoverable in plain text by users who do not have the correct credentials; in addition, the software keeps track of accesses to the password archive and of the changes made over time.
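The access model described above can be reproduced with GnuPG, a standard OpenPGP implementation. This is an added example, not code from Passbolt or from the original article: the two identities, the throwaway keyrings and the secret are constructed, and the decrypt-then-re-encrypt sharing step illustrates recipient-based OpenPGP encryption in general rather than Passbolt's own implementation.

```sh
#!/bin/sh
# Added example (not Passbolt code): OpenPGP recipient-based encryption.
# Keyrings live in a temporary directory; your real ~/.gnupg is never touched.

# Run gpg non-interactively against one throwaway keyring.
g() {
  _h="$1"; shift
  gpg --homedir "$_h" --batch --quiet --no-tty --pinentry-mode loopback \
      --passphrase '' --trust-model always "$@"
}

share_demo() (
  work="$(mktemp -d)" || exit 1
  alice="$work/a"; bob="$work/b"
  mkdir -m 700 "$alice" "$bob"
  secret='S3cr3t-constructed'   # constructed sample value

  # Each user generates a key pair; the private key stays in its own keyring.
  g "$alice" --quick-generate-key 'alice@example.test' default default never 2>/dev/null || exit 1
  g "$bob"   --quick-generate-key 'bob@example.test'   default default never 2>/dev/null || exit 1

  # Alice stores the secret encrypted to her own public key only.
  printf '%s' "$secret" |
    g "$alice" --armor --encrypt -r 'alice@example.test' > "$work/alice.asc" || exit 1

  # Bob can obtain the ciphertext but has no matching private key.
  if g "$bob" --decrypt "$work/alice.asc" >/dev/null 2>&1
  then before=readable; else before=denied; fi

  # Sharing: Alice imports Bob's public key, decrypts locally and
  # re-encrypts the secret for Bob. Plaintext only exists on Alice's side.
  g "$bob" --export 'bob@example.test' | g "$alice" --import 2>/dev/null
  g "$alice" --decrypt "$work/alice.asc" 2>/dev/null |
    g "$alice" --armor --encrypt -r 'bob@example.test' > "$work/bob.asc"
  after="$(g "$bob" --decrypt "$work/bob.asc" 2>/dev/null)"

  # Stop the per-keyring agents and remove all demo material.
  gpgconf --homedir "$alice" --kill gpg-agent 2>/dev/null
  gpgconf --homedir "$bob"   --kill gpg-agent 2>/dev/null
  rm -rf "$work"
  printf 'bob_before_share=%s bob_after_share=%s\n' "$before" "$after"
)

result="$(share_demo)"
printf '%s\n' "$result"
```

The demo keys have no passphrase so the script can run unattended; real user keys should be passphrase-protected.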
How Passbolt works and how to install the software
Passbolt is a secure and flexible password management solution, primarily because professionals and companies can keep credential archives locally, without bringing anything to the cloud, let alone involving external managers, perhaps with servers located outside the borders of the European Union.
The Passbolt Community Edition installation page contains step-by-step instructions for setting up the software on your own server.
You can use a Docker container or install Passbolt with a more traditional approach on the most popular Linux distributions.
The steps for installing Passbolt are very simple and largely automated. Passbolt, for example, requires you to specify a local account that has privileges to create and manage MySQL databases, to enter a password for the MySQL account used by Passbolt, to provide the name of the MySQL account which will contain the passwords and, finally, to authorize the configuration of the Nginx or Apache web server.
Finally, it is suggested that you request a free Let's Encrypt digital certificate to secure data transfers with the Passbolt server via HTTPS.
When you select the Auto item, the Passbolt installation routine prompts you to specify a domain name associated with the server through a DNS record. This triggers a request to Let's Encrypt to generate a free digital certificate. Alternatively, you can simply specify the machine's IP address.
Once the connection with the URL on which Passbolt responds has been established, it is necessary to confirm the credentials previously entered during installation. On a freshly configured Ubuntu machine, it may be necessary to open incoming ports on the firewall side using, for example, ufw.
The next steps are generating an OpenPGP key for the server, setting the SMTP server to be used for sending emails when creating new accounts and for sending notifications, and creating the first Passbolt user.
After installing the Passbolt browser extension, the dashboard of the password manager.
From here you can start adding login credentials, grouping them so you can find them easily. To strengthen protection beyond simple access with a username and password, Passbolt allows you to enable two-factor authentication: the application supports OTP codes (and therefore the classic authenticator apps that can be installed on a smartphone), the FIDO2 YubiKey and Duo dongles.