First Setup
Click on the invitation link
The setup by default starts in your mailbox, with an email sent by your passbolt instance administrator. This is to ensure your email address is verified and can be trusted by other passbolt users. It will also be used to send you notifications in the future.
The invitation link is only valid for a day or two. Best to get started before it expires. If it expired, you can always request a new one by providing your email. Check your spam folder in your mailbox if you do not receive the link after a few minutes.
Install the browser extension
After clicking on the link in the invitation email, one need to install the browser extension.
The browser extension is required to use passbolt. This is to ensure end-to-end encryption, e.g. to make sure the application cannot be modified if the server is compromised. It is also needed for some functionalities like the autofill.
Depending on the browser you use you will be taken to the webstore, to install the extension. Here is the example on the Chrome Web Store.
Pin the browser extension
Once installed the extension should automatically close the Web Store page and take you back to the setup. There You will be shown instructions on how to pin the browser extension in the toolbar. Pinning the extension in the browser toolbar is usefull as it will make sure you always have one-click access to your credentials.
Select a passphrase
In this step you are requested to the setup a passphrase. This will be the main password that will be used to protect your encryption key. You want to choose something that is long enough and difficult for an attacker to guess.
Passbolt uses a system of public/private encryption key pair. The private key is required to decrypt information stored in passbolt. The passphrase is used to encrypt that private key. For your security by default the private key and the passphrase never leaves your devices.
Download recovery kit
Since your private key is required to login, it is important to make a backup. This backup is encrypted with your passphrase, so it safe to store for example in a USB stick or your hard drive, for future use. You will need it for example when you want to setup passbolt on a new machine, so keep it handy!
Select an anti-phishing token
In this step you need to select a color and three letters. This will be your security token. This security token is usefull to prevent your from phishing attack. For example an attacker creating a fake passbolt dialog on a website that you visit to capture your passphrase. Since an attacker will not know your security token, you should be able to spot such attacks before it's too late!
That's it!
Once you click next, the browser extension is now fully configured and will log you into your passbolt instance.
You should be able to see you user workspace. You can then start managing credentials!