Features requests

MFA is now required by most websites, but Passwork's browser plugin makes it frustratingly difficult to use. This forces users to abandon MFA or use separate apps. CURRENT ISSUES BROWSER PLUGIN PROBLEMS Can't add TOTP codes in the plugin - must switch to web interface. No TOTP copy button - login/password get convenient copy icons, but TOTP doesn't. Broken workflow - must search for entry → edit → copy, interrupting login flow. WEB INTERFACE PROBLEMS Confusing setup process - most users fail to add TOTP codes. Poor instructions - select "TOTP" field type, then what? Unlabeled fields - two empty boxes with no explanation. Broken submit button - stays disabled even after pasting TOTP secret due to hidden requirement - a "name" field is required but not marked. IMPACT ON USERS Inconsistent experience - easy copy icons for passwords, complex process for TOTP. Login interruption - must stop mid-login to hunt for TOTP codes. User frustration - many give up and don't use MFA at all. WHAT WE NEED ADD TOTP COPY ICON Put a TOTP copy button right next to the login/password icons in the browser plugin. ENABLE TOTP SETUP IN PLUGIN Let users add TOTP codes directly in the browser plugin without switching to the web interface. FIX WEB INTERFACE UX Clear field labels, working submit button, step-by-step guidance, proper error messages. Please make it simple again: Username → Password → TOTP code, all with single clicks.

Make it so that you can choose which e-mail notifications you want to sent to admins/users.

We would like a feature that clear the clipboard/password after X Seconds

It would be nice to be able to export the data to a kdbx again Passbolt can do that

The login process is changing more and more to Passkey. It should be possible to create, save and delete passkeys in passwork and then carry out the login process via passwork.

BACKGROUND We adopted Passwork several years ago specifically for its clear security model that distinguished between private and shared vaults. This structure provided private vaults for individual user credentials and company-wide shared vaults under password administrator oversight and audit control. ISSUE WITH VERSION 7 The introduction of private vault sharing in v7, while useful for some organizations, has created a security oversight gap. Users can now share their private vaults directly with other users, bypassing our password administrator's audit capabilities. REQUEST We would like to request an administrative setting that allows organizations to disable private vault sharing when centralized oversight is required, maintain the original security model where all shared credentials remain under admin supervision, and preserve existing functionality for organizations that prefer the new sharing capabilities. BUSINESS JUSTIFICATION Many organizations require complete audit trails for shared credentials due to compliance requirements, security policies, and risk management protocols. PROPOSED SOLUTION Add a configuration option in the admin panel called "Allow private vault sharing" as a toggleable setting. Default should be enabled to maintain current v7 behavior. When disabled, this would restore v6 behavior where only admin-managed shared vaults can be shared. This approach would accommodate both security models while maintaining backward compatibility.

With the migration of passwork from v6.x to v7.x, folders and subfolders are no longer sorted alphabetically but in the chronological order in which they were created. This is very confusing and unintuitive. It would be nice if the alphabetical sorting could be reactivated.

In Security Dashboard use haveibeenpwned.com to monitor password leakage for users.

Hi ! FIDO2 implementation should be a very nice feature especially to allow multi-factor authentication with physical tokens (like SoloKeys or YubiKey). Thanks !

When a new user onboards, it would be helpfull to create 1 private vault for that user by default. So that he can already save passwords in it.