Description of the issue: After Brave updated to version 1.80.113 Brave deleted all of my saved passwords everything else stayed
Steps to Reproduce (add as many as necessary): 1. 2. 3. Updating Brave to 1.80.113
Actual Result (gifs and screenshots are welcome!): Brave deleted passwords after an update
Expected result: Brave not deleting passwords after an update
Reproduces how often: 1 time
Operating System and Brave Version(See the About Brave page in the main menu): ASUS Rog Ally Windows 11 23H2 Brave version 1.80.113 Chromium version 138.0.7204.49
Additional Information:
Just a quick update — I’ve also filed a full GitHub issue here: https://github.com/brave/brave-browser/issues/47258#comment-composer-heading
No dev response yet, but hoping it’ll get triaged soon.
@BrowserLover thanks for filing an issue. I’ve flagged with the team for review.
Thanks, appreciate you flagging it. Let me know if the team needs logs or the original Login Data file — I’ve backed everything up.
1 Like
@BrowserLover that would be great, thank you! Could you email those to [email protected]?
Hi Steeven,
Just following up to see if there have been any updates on the password deletion issue I reported. Please let me know if there’s anything else I can provide.
Thanks again for your time and help!
Still no update from the Brave team yet — looks like things may be delayed a bit due to the July 4th holiday. I’ll follow up again next week if there’s no word. I am standing by if more info is needed
@BrowserLover thanks for your patience. I’ve sent all of your information, including the issue you created to our lead developer. At the moment, unfortunately I don’t yet have an update on how to best move forward.
1 Like
Got a report about this from a family member today. Passwords, history, shield stats, rewards account, etc all cleared. Bookmarks remain. From what I gather, all the data is still present on disk. They insist Brave was fine last night before they shut down their PC.
I had them back up the User Data directory. I hope a fix arrives soon.
1 Like
Update Possible Root Cause: DPAPI + Profile Corruption
After following the rollback and profile restore process without success, I’ve concluded the issue may be related to DPAPI encryption and Windows user profile integrity.
Brave uses Windows DPAPI to encrypt saved passwords. DPAPI relies on:
• The user profile’s master key (stored in AppData\Microsoft\Protect)
• The user’s current login credentials (password/PIN/biometrics)
If this master key becomes invalid or regenerated (e.g., due to profile corruption, OS instability, GPU crashes, or unexpected restarts), DPAPI can no longer decrypt previously stored credentials. This makes the encrypted password blobs in Login Data effectively unrecoverable, even if:
• The profile files remain intact
• Brave is rolled back to an older version
• System Restore is used
In my case:
• The issue appeared before a Windows update (24H2), so likely unrelated to that.
• It possibly followed a screen flicker/system instability event.
• Rollback to 1.79 (Chromium 137) did not restore passwords.
• Brave opened fine, but the password list was empty.
Bottom line: If the DPAPI key is invalid, the passwords cannot be decrypted. Sync or a dedicated password manager is the only reliable protection.
2 Likes
Yeah, @BrowserLover that’s what they had explained via https://support.brave.app/hc/en-us/articles/29808985123085-Sensitive-data-storage and typically gets linked to. I see didn’t refer you to that earlier.
I just think the big question has been the cause of the corruption or other issues as people have them. And indeed a way of them having to figure out a good way to keep things protected. As you mentioned, likely just is that people need to be sure that they are doing regular backups, syncing, etc. Even a dedicated password manager is just a combination of a backup or sync, but via a 3rd party.
Thanks for the clarification! Here are the key takeaways I noted:
• Sync: Runs automatically every few minutes. You can check status or trigger manually at brave://sync-internals (though usually unnecessary).
• Why data disappears:
• Clear on Exit setting enabled, or
• OS-level encryption key changes/corruption (e.g., DPAPI on Windows).
• Login data is still on disk, but unreadable without the original encryption key.
• Linux users: Passwords may fail if the keychain isn’t unlocked before launching Brave.
• Best practice: Export passwords periodically (CSV) or use a dedicated password manager to avoid loss.
This matches my case: rollback didn’t work because the encryption key was already invalidated. Thanks for confirming the cause and providing resources!
1 Like
@BrowserLover want/need to keep this open or should we mark something as a solution and/or close it?
Asking as not sure that there’s any more follow-up on this and uncertain if there’s any benefit on keeping it active for others to reply on it.
1 Like
“Confirmed with Brave team that the passwords are unrecoverable due to DPAPI encryption key loss. Sync or a password manager is recommended to prevent this in the future. Thanks for the help!”