stripthis
commented
5 years ago Yes you are correct there is currently an issue with session timeout. I'm scheduled to look into it in the next sprint.
Closed shochdoerfer closed 5 years ago
stripthis
commented
5 years ago Yes you are correct there is currently an issue with session timeout. I'm scheduled to look into it in the next sprint.
ghost
commented
5 years ago Almost same here, when I enter my password to get a password while the session is expired, the extension crashes with a sad smiley. I had to reload the extension in Chrome Extension Settings.
rgpublic
commented
5 years ago I also have the feeling that the Firefox extension asks me for a password unusually often. Is this the same bug? It's driving me nuts. I can check [x] Remember until I log out, but clicking on a password very often leads to Passbolt asking me again for a password. AFAIK there is no easy way to change your password. Looking back, I somehow regret to have chosen a longer password, because Passbolt requires me to type it in time and again.
If you open the Passbolt page, for example, you need to login again. Even though you already logged into the extension. I already filed that as another issue here. On top of it, the checkbox [x] Remember until I logged out is also unchecked everytime. You forgot to check it? Bad luck again. Taken all these things together it can really make you a bit aggressive over time ;-) Please, dear holy Passbolt gods, do something about it and relieve us from this pain :-)
stripthis
commented
5 years ago @rgpublic yes we are aware of the problem and @cedricalfonsi is actually working on a fix as we speak. We're not gods, that's why it's taking time! :D
stripthis
commented
5 years ago @rgpublic btw if you want to change your passphrase, you can export the private key, change the passphrase with let say mailvelope or gnupg and then do a recovery and import the updated key. It's not user friendly, but it works.
rgpublic
commented
5 years ago @stripthis Hey, thanks a lot for the info. Good to know I have that option. If this issue is currently being worked on, I'd rather hold on for a bit, though, and stick to my current long & safe password and keep my finger crossed I won't have to type it so frequently for too long.
cedricalfonsi
commented
5 years ago Fixed with v2.11.0
shochdoerfer
commented
5 years ago Not sure if this is really fixed with 2.11.0. A colleague constantly gets logged out through the day. He is mostly using the web ui. I experience something similar using the browser extension. I have to login every now and then.
Do I need to configure session timeouts in php.ini?
stripthis
commented
5 years ago Do I need to configure session timeouts in php.ini?
Yes. https://community.passbolt.com/t/why-are-session-timing-out-more-rapidely-since-v2-11/1995/3
shochdoerfer
commented
5 years ago Thanks will have a look then. Sorry ;)
stripthis
commented
5 years ago No worries!
The Passbolt web ui - not sure if this is the right repo to report the issue - does not seem to recognize timed out session on the server side. I can browse and open the password details without any problems. When trying to access a single password, I get asked for my own password to unlock it and even when correctly entering my own password, I get asked again for my password.
When reloading the application, it will take me to the login page. After logging in, everything seems to work again.