v2.12.0 ~ Call Me (pro)
Release date: December 6th, 2019.
This release is mainly a maintenance release. It ships with several fixes, mainly regarding the web extension. The previously published extension version contained some security fix for an issue in the quick access suggestion system reported by security researcher Rene Kroka. You can learn more about it on the incident page.
It also ships with a much demanded improvement: the possibility to resend a new invitation to a user.

Another improvement is the integration of the MFA status for each user in the user workspace. It is now possible for an admin to see at a glance which users have activated their MFA, and which ones have not.

Moreover, for users who can’t access Passbolt anymore due to a lost or inaccessible MFA device, we added the possibility for the admin to disable MFA for the given user. This will give them the possibility to reset their MFA settings and be able to access Passbolt again.

Finally, it is now possible for users to manage their personal tags. They can rename and delete them directly from the tags list component.

We hope you’ll enjoy this update!
What next? The team focus is currently on the upcoming folders feature. It is taking a substantial amount of energy to implement but the result should be matching your expectations. It is now a matter of weeks before the feature is available. If you are interested to know how it will work, you can have a look at the specifications (feedback is welcome). The screenshot below will give you a glimpse of its look and feel:

The team wishes you great end-of-year celebrations, merry christmas & happy new year in advance, and good holidays if you are lucky enough to take some!
API
Added
- PB-575: As AD I can see the MFA status of each user in the users grid
- PB-639: As LU I can delete a personal tag
- PB-687: As an admin I can resend an invitation for a user that didn’t complete the setup
- PB-698: As an admin I can disable MFA for a user
Improved
- PB-893: Update CakePHP to v3.8.6
- PB-894: Improve subscription key checks and output details
Fixed
- PB-771: Added purify subject for the email subscribers
- PB-856: Added migration fix to remove unused tables
- GITHUB-84: Fix gc_maxlifetime versus Session.timeout units
- PB-767: Fix LDAP sync issue “when multiple users are added to a group, failed validation of one should not impact validation of others”
Web extension
Improved
- PB-878: Update OpenPGP.js to v4.7
- PB-649: The quickaccess passphrase field text and background colors should remain as default when the field is not focused.
Fixed
- PB-883: The quickaccess should filter passwords by uri protocol and port if provided.
- PB-766: Fix 414 server issues for features that work with batch of resources. Reduce the size of the batches.
"When you're ready we can share the wine."
Listen to the release song!