Passbolt
Open source password manager for teams
Alternative to: 1password, lastpass, keeper
v5.13.0
2026-06-12Passbolt 5.13.0 introduces in-app edition management for Community and Pro versions, enhances scalability with browser extension pagination, and includes several security and bug fixes.
v5.12.0
2026-05-13Passbolt 5.12.0 makes the Safari extension generally available, introduces a dedicated PIN code resource type, and includes various security and dependency updates.
v5.11.0
2026-04-10Passbolt 5.11.0 promotes SCIM provisioning to production, adds PingOne SSO support, introduces SMTP OAuth for Microsoft Exchange Online, and updates the Safari extension beta.
v5.10.0
2026-03-11Passbolt 5.10 introduces a Safari browser extension beta, TOTP autofill, visible tags in the grid for Pro users, React 18 performance upgrades, and several security hardening fixes.
v5.9.0
2026-01-26Passbolt 5.9 adds PHP 8.5 support, improves security against user enumeration and clickjacking, enhances email digest efficiency, and introduces database deprecation alerts.
v5.8.0
2025-12-22Passbolt 5.8.0 introduces dynamic role management for granular access control and drag-and-drop user assignment to groups.
v5.7.2
2025-11-17Passbolt 5.7.2 fixes a bug where the server metadata private key was incorrectly deleted during the cleanup task, causing health check failures.
v5.7.1
2025-11-14Passbolt 5.7.1 restores Duo MFA authentication by fixing a CSP header issue that blocked the authentication form.
v5.7.0
2025-11-13Passbolt 5.7.0 introduces secret history for version control, alongside user and group workspace improvements, a detailed import report, and various bug fixes.
v5.6.1
2025-11-04Passbolt 5.6.1 updates the CakePHP framework to fix a security vulnerability related to query generation.
v5.6.0
2025-10-08Passbolt 5.6.0 introduces standalone notes for sensitive secrets, shared metadata key rotation for improved security, and resizable sidebars for better workspace usability.
v5.6.0-rc.1
2025-10-06Passbolt 5.6.0-rc.1 introduces standalone notes, shared metadata key rotation, and resizable sidebars, along with various bug fixes and security updates.
v5.5.2
2025-09-29Passbolt 5.5.2 fixes a bug that prevented administrators from editing encrypted metadata settings due to zero-knowledge mode requirements.
v5.5.0
2025-09-15Passbolt 5.5.0 introduces encrypted metadata in zero-knowledge mode for enhanced privacy and beta SCIM provisioning for automated user management.
v5.5.0-rc.1
2025-09-12Passbolt 5.5.0-rc.1 introduces encrypted metadata in zero-knowledge mode and beta SCIM provisioning for automated user management, alongside various bug fixes.
v5.4.1
2025-08-13This hot-fix resolves locale-related application issues, fixes credential import errors for disabled encrypted metadata, and restores correct expiration date rotation behavior.
v5.4.0
2025-08-12Passbolt 5.4.0 promotes encrypted metadata and new resource types to stable, introduces ECC keys for new users, increases secret note limits, and adds Czech language support.
v5.4.0-rc.1
2025-08-11Passbolt v5.4.0-rc.1 promotes encrypted metadata and new resource types to stable, improves performance for large organizations, and adds Czech language support.
v5.3.2
2025-07-17Passbolt v5.3.2 introduces a clipboard flushing timer for enhanced security and resolves several issues related to encrypted metadata and administrative key distribution.
v5.3.1
2025-07-09Resolves a regression from v5.3.0 that prevented the creation of standalone Custom Fields content types due to an API validation error.
v5.3.0
2025-07-09Passbolt 5.3 introduces custom fields for resource metadata, improves folder browsing performance, and includes various bug fixes and a CakePHP upgrade.
v5.3.0-rc.1
2025-07-04Passbolt v5.3.0-rc.1 introduces custom fields, improves paginated endpoint performance, and includes various bug fixes and a CakePHP upgrade.
v5.2.0
2025-06-11Passbolt 5.2 introduces encrypted metadata for multiple URIs and resource customization, adds Ukrainian and Slovenian language support, and implements password expiration notifications.
v5.2.0-rc.1
2025-06-05Passbolt v5.2.0-rc.1 introduces beta metadata properties for resources, new language support, expiration notifications, and several security fixes.
v5.1.1
2025-05-22This maintenance release fixes directory synchronization type errors, a metadata key issue on the view user endpoint, and updates security alert emails to conditionally display user IP and agent information.
v5.1.0
2025-05-15Version 5.1 introduces opt-in encrypted resource metadata, enables password expiry by default for new installations, and includes various bug fixes and performance improvements.
v5.1.0-rc.1
2025-05-12Passbolt API v5 RC introduces encrypted resource metadata in beta, enables password expiry by default for new installations, and includes various bug fixes and maintenance updates.
v5.0.0
2025-04-10Passbolt v5.0 introduces a complete UI redesign, upgrades to CakePHP 5, and adds SIEM-compatible action logging.
v5.0.0-rc.2
2025-04-08Passbolt API v5 RC introduces CakePHP 5 and updates PHP requirements to a minimum of version 8.2.
v5.0.0-rc.1
2025-04-07Passbolt API v5 RC introduces CakePHP 5, adds SIEM-compatible action logging, and updates PHP requirements to a minimum of 8.2 with support for 8.4.
v4.12.1
2025-03-17This maintenance release fixes an issue regarding notifications for suspended group administrators and fetching locales for suspended users in sub-queries.
v4.12.0
2025-03-12Passbolt v4.12.0 completes the v4 series with preparations for v5, including UI-based migration tools, bug fixes, and a transition to PHP 8.2 requirements.
v4.12.0-rc.1
2025-03-06Passbolt v4.12.0 completes the v4 series, adding v5 migration tools and fixing UI and metadata issues while updating the minimum PHP requirement to 8.2.
v4.11.1
2025-02-18Version v4.11.1 is a security release that fixes a host header injection vulnerability caused by an empty fullBaseUrl.
v4.11.0
2025-01-30Passbolt v4.11.0 introduces beta support for encrypted metadata to prepare for v5, fixes a security vulnerability regarding URL modification in emails, and enhances role-based access control.
v4.10.1
2024-11-26Version 4.10.1 fixes a critical bug where mobile apps failed to display passwords and corrects resource type and date validation issues.
v4.10.0
2024-11-20Passbolt v4.10.0 is a maintenance release introducing beta support for the v5 resource type format and various security and stability fixes to prepare for the v5 release.
v4.10.0-rc.1
2024-11-14Passbolt v4.10.0-rc.1 is a maintenance update preparing for v5, focusing on resource metadata encryption, new API endpoints, security dependency updates, and various bug fixes.
v4.9.1
2024-08-14Maintenance update v4.9.1 fixes PostgreSQL case-sensitivity issues during password sharing and improves action log purge tools for administrators.
v4.9.0
2024-07-23Passbolt v4.9.0 introduces resource location displays, enhances search functionality, and delivers significant API and browser extension performance optimizations.
v4.9.0-rc.1
2024-07-18Version 4.9.0-rc.1 focuses on performance optimizations for resource and user endpoints, adds folder search and location visibility to the browser extension, and addresses security vulnerabilities.
v4.8.0
2024-05-21Passbolt v4.8.0 introduces a Chrome MV3 browser extension, new administrative tools for purging audit logs and debugging SMTP, and general performance improvements.
v4.8.0-rc.1
2024-05-17Passbolt v4.8.0-rc.1 introduces the Manifest v3 browser extension for Chrome and new administrative tools for action log purging, SMTP certificate tracking, and email queue viewing.
v4.7.0
2024-04-30Passbolt Community Edition v4.7 is a maintenance release featuring custom SSL certificate support for SMTP, health check improvements, and various bug fixes.
v4.7.0-rc.1
2024-04-26Passbolt v4.7.0-rc.1 introduces HTTP HEAD support for health checks, SMTP TLS configuration for self-signed certificates, security hardening for the healthcheck endpoint, and various bug fixes.
v4.6.2
2024-04-11Version v4.6.2 is a targeted security release for the API and browser extension fixing reported security issues, including an error template title fix.
v4.6.1
2024-03-27Version 4.6.1 addresses an API issue to allow administrators to re-enable suspended users.
v4.6.0
2024-03-14Passbolt 4.6.0 introduces a new Health Check tool for administrators, adds PHP 8.3 support, and includes various bug fixes and security updates.
v4.6.0-rc.2
2024-03-13Passbolt v4.6.0-rc.2 introduces API healthcheck visibility, RBAC for share folder capabilities, security updates for phpseclib, and various bug fixes.
v4.6.0-rc.1
2024-03-12Passbolt v4.6.0-rc.1 introduces API healthcheck administration, RBAC for share folders, security updates for phpseclib, and various bug fixes.
v4.5.2
2024-02-14Maintenance update fixing autofill issues, improving TOTP imports from kdbx files on Windows, and adding support for PHP 8.3.
v4.5.0
2024-02-08Passbolt v4.5.0 introduces a password expiry feature, Russian language support, expanded SMTP providers for Microsoft 365 and Outlook, and various security and performance improvements.
v4.5.0-rc.1
2024-02-01Passbolt v4.5.0-rc.1 introduces password expiry features, Russian language support, expanded SMTP providers, RBAC improvements, and several security and stability fixes.
v4.4.2
2023-11-29Version 4.4.2 is a maintenance update that improves resource retrieval performance and fixes issues regarding TOTP secret deletion and email resending.
v4.4.1
2023-11-21This maintenance release fixes incorrect administrator deletion notifications, increases GPG key UID column length, and performs general code cleanup.
v4.4.0
2023-11-07Version 4.4 introduces browser-based TOTP management, user suspension capabilities for administrators, and notification email aggregation, alongside various security and performance fixes.
v4.4.0-rc.1
2023-11-03Passbolt v4.4.0-rc.1 introduces RBAC for mobile setup access, healthcheck warnings for older PHP versions, several administrative notifications, and an XSS security fix.
v4.3.0
2023-09-26Passbolt 4.3 introduces TOTP access via the web interface, persistent grid customizations, and various administrative and security improvements.
v4.3.0-rc.1
2023-09-21Passbolt v4.3.0-rc.1 introduces SMTP authentication configuration, account exports for Windows, Postgres schema definition, and experimental user disabling.
v4.2.0
2023-08-24Version 4.2 introduces password grid customization, resource count chips, administrator UI for password policies, and various performance, security, and stability improvements.
v4.2.0-rc.1
2023-08-23Version 4.2 introduces a customizable password grid, official PostgreSQL support during installation, resource count chips, and various security and performance improvements.
v4.1.2
2023-07-26Version 4.1.2 is a maintenance release that fixes API email notifications for NTLM authentication and improves the browser extension's password preview and auto-fill capabilities.
v4.1.1
2023-07-13Version 4.1.1 resolves two false-fail issues within the application and database healthchecks.
v4.1.1-rc.2
2023-07-12This release candidate fixes issues with application healthchecks comparing versions and database healthcheck false failures.
v4.1.1-rc.1
2023-07-11Fixes a false failure in the database healthcheck for administrators.
v4.1.0
2023-07-04Version 4.1.0 introduces Role-Based Access Control (RBAC), improves password sharing performance, enhances UI readability, and includes various security fixes.
v4.1.0-rc.3
2023-06-29This pre-release introduces role-based access control, security enhancements for MFA and email enumeration, and various installation and performance fixes.
v4.1.0-rc.2
2023-06-29This pre-release updates passbolt with role-based access control, various security enhancements, and fixes for SSL configuration and authentication endpoints.
v4.0.2
2023-06-01Version 4.0.2 revises a fix to allow administrators to run migrations on 32-bit operating systems.
v4.0.1
2023-06-01Passbolt CE v4.0.1 fixes a bug to allow admins to run migrations on 32-bit operating systems.
v4.0.0
2023-05-23Passbolt CE v4 introduces platform compatibility updates, including PHP 7.4+ requirements, Manifest v3 support for the browser extension, and accessibility improvements.
v3.12.2
2023-04-27This security release fixes an API vulnerability that could lead to unencrypted descriptions being stored in the database.
v3.12.0
2023-03-17Version 3.12 introduces folders for Community Edition, customizable action log outputs, expanded export formats, and a security fix regarding MFA visibility.
v3.11.1
2023-03-08This maintenance release fixes Duo v4 community-reported issues, addresses a clickjacking security vulnerability in the browser extension, and resolves a username validation bug.
v3.11.0
2023-03-06Community Edition v3.11 adds Duo v4 MFA support, paginated action logs, several new language translations, and Azure SSO account recovery.
v3.10.0
2023-02-14Version 3.10 introduces self-registration based on email domain policies and improves proxy, SMTP, and TOTP configurations.
v3.9.0
2023-01-20Passbolt v3.9 introduces Multi Factor Authentication (MFA) for Community Edition users and adds support for PHP 8.2.
v3.8.3
2022-12-06This maintenance release fixes community-reported issues with SMTP settings and improves debugging for GnuPG integration.
v3.8.1
2022-11-18Maintenance release improving SMTP settings flexibility, authentication support, and bug fixes for administrators.
v3.8.0
2022-11-14Version 3.8 introduces Solarized light and dark themes, administrator SMTP settings management, and various security and stability improvements.
v3.7.3
2022-09-28This security release fixes a spell-jacking vulnerability to protect forms from leaking sensitive information.
v3.7.2
2022-09-21This maintenance release includes a community-reported bug fix and improvements to continuous integration pipelines.
v3.7.1
2022-08-12This release includes bug fixes for source language typos, server key generation over HTTP, PostgreSQL compatibility for resource types, and a styleguide version bump.
v3.6.0
2022-05-30Version 3.6 introduces a design refresh, experimental ECC key support, and various performance and validation improvements.
v3.5.0
2022-01-19Version 3.5 introduces iOS and Android mobile apps, experimental PostgreSQL support, a new GO-based CLI, and additional language support.
v3.4.0
2021-12-08Version 3.4 introduces native Edge browser support, dark mode authentication screens, security fixes, and general stability improvements.
v3.3.1
2021-11-24Addresses a high-severity security vulnerability where a JWT key confusion attack could lead to authentication bypass in the beta JWT Authentication plugin.
v3.3.0
2021-10-27Version 3.3 introduces in-form integration for credentials, a revamped password and passphrase generator, German and Swedish translations, and experimental mobile app support.
v3.2.1
2021-06-08This maintenance release fixes an API v3 regression to ensure login accepts JSON data.
v3.2.0
2021-06-08This release introduces internationalisation starting with French, upgrades the API to CakePHP v4, and moves user avatars to the database for improved backups and high availability.
v3.1.0
2021-03-30Added a feature flag for the preview password plugin.
v3.0.2
2021-03-11This maintenance release includes community-reported fixes for healthcheck SSL checks, email digest previews, and test email command authentication.
v3.0.1
2021-02-24Maintenance release featuring a bug fix for the resource_type_id field migration.
v3.0.0
2021-02-24Passbolt v3 introduces a major UI redesign, React frontend migration, support for multiple resource types, and a dark theme, while updating server dependencies.
v2.13.5
2020-07-30A maintenance release focusing on community-reported bug fixes and dependency updates.
v2.13.1
2020-07-09This maintenance release fixes a bug related to admin email notifications during user setup.
v2.13.0
2020-06-25Passbolt CE v2.13 introduces email digest functionality, server key rotation, and front-end refactoring as part of a migration to React.
v2.12.1
2020-04-15This maintenance release updates jQuery to v3.5 to address a security vulnerability that could lead to XSS in certain configurations.
v2.12.0
2019-12-10This maintenance release includes web extension fixes, a security patch for the quick access system, and the ability for admins to resend user invitations.
v2.11.0
2019-08-12This maintenance release provides critical security fixes, improved browser extension autofill compatibility, and updated support for Debian 10.