Brave Browser wants to use your confidential information stored in "Brave Safe Storage" in your keychain?

Technical Summary

Recent changes involving Brave’s certificate/provisioning-profile have resulted in a need for users upgrading to v1.18.75 or later to grant Brave access to the random 128-bit password it created upon installation, so that encrypted profile data can be read/written by the browser. This doesn’t grant Brave access to anything else on the machine.

Users are encouraged to “Always Allow” Brave access to Brave Safe Storage.

Okay, Now in Plain English

Users of Brave on macOS who recently upgraded to version 1.18.75 saw the prompt below when restarting the browser. Many of you are wondering what this is, so I’d like to briefly explain. Some of you may recall installing Brave, and having to provide your macOS password at that time as well, and for the same reasons we’ll be covering below.

When you installed Brave for the very first time, a secret key was created. This secret is used to protect files created by Brave, files which store passwords to websites, information about your Brave Rewards profile, and more. This secret was given to macOS to be stored in Keychain.

By encrypting files with a secret key stored in Keychain, Brave is able to add an extra layer of security to your data. After all, if somebody were to get access to your files, but not the key with which they were encrypted, they wouldn’t be able to do much.

Version 1.18.75 of Brave included some routine, yet generally infrequent changes to our app which impacted Brave’s access to that secret key. As such, users are prompted to grant Brave access to its own private key stored within Apple’s Keychain application.

What happens if the user Denies access?

Denying access means Brave will not be able to retrieve its own secret key. This results in Brave’s inability to read/write data to the user’s profile directory, impacting things like stored passwords, Brave Rewards data, and more.

What happens if the user Allows access?

Brave has always had access, since the application was first installed. Recent changes to the build process yielded the need for users to confirm that Brave should continue to have access to its own private key. When you allow Brave to access the private key stored in Brave Safe Storage, the browser will continue to operate as expected.

Users are encouraged to “Always Allow” Brave access to Brave Safe Storage.

It’s important to note that granting Brave access to the Brave Safe Storage Keychain entry does not give Brave access to other sensitive information stored in your Keychain. Brave is only able to access the random key it generated when you first installed the application.

What is the Keychain Password?

This is usually the same password you use to log into your computer.

How can we be of further assistance?

I hope this helps. Let us know in the comments below if there are any questions :slightly_smiling_face:

10 Likes

Thank you.
All very logical now that you’ve explained what happened.
Memo to Self:
Post question a.s.a.p. instead of waiting two days even though Work to do + time constraints.
Went 2 days without using Brave.
Not. Fun. :worried:

3 Likes

Will this help Brave actually pay BAT for viewing ads? Seems like a lot of folks are having issues (myself included) and no one from Brave can help

3 Likes

I think apple disallowed brave to give bats to ios users for supposedly going against his terms and conditions regarding the app.

Or something like that, someone shared the link on this forum but I don’t remember where.

2 Likes

Hello Sampson I accidentally clicked on the deny button when this prompt appeared, how can I retrieve all of my data and click on always allow? Please help I’m on Mac…

1 Like

No data is lost; this feature only grants Brave access to the key to read/write data. Without access, Brave won’t change any of the written data. Restart the browser and you should be prompted again.

2 Likes

Happy to assist; please create (or find) a thread for that issue.

1 Like

You’re referring to https://brave.com/rewards-ios/, which I believe may be unrelated to the user’s question.

2 Likes

I did not update to the new version of the browser, so how does this apply to my question about lost passwords? What do I need to do next? Upgrade to the new version?

1 Like

Please check to make sure you’re not on 1.18.75 or greater. If you’re on an earlier version, and your passwords are still missing, then you’re certainly seeing a different issue.

1 Like