Can Brave team please contact LastPass & resolve this pesky "Are you sure you trust Brave" popup?

Every time, but really every time I wanna autofill my stored login credentials (via LastPass), I get this “Are you sure…?” nastiness.

H3ll yeah, I’m sure! :wink:

  1. It’s site-independent (occurs on all sites)
  2. This doesn’t appear in Chrome (for Android)

It’s like LastPass doesn’t even comprehend Brave as safe or whatever.

Im also sure (lol :joy:) that this is more of an #LastPass case rather than Brave bug… but still:

Having in mind that many of us use both LastPass AND Brave together -

Can Brave team PLEASE contact LastPass and resolve this irritating & needless popup?

Brave should be treated the same as Chrome, nothing more or less.

:purple_heart: ya all,
M.

Are you sure this is not a Lastpass setting? Lastpass settings are completely inconsistent, messy and often not working at all (like this setting). From a usability standpoint Lastpass’ settings are an absolute and utterly fail.

I’m using Lastpass myself and only get this warning occasionally and usually once for every website.

1 Like

You’re absolutely right about “mess” in LP’s Settings menu… But I’m quite sure its not any setting on my side because I get that popup in Brave only & for the same website I don’t get it in Chrome… If it were Settings in LastPass behavior would be the same, right?

It’s the way LastPass treats Brave, at least in my mind. I dunno how to explain it. It’s constant. It shouldn’t be. It’s annoying. That’s why I think this can only be resolved in direct communication between Brave team & LastPass, so that LastPass treats Brave in the same way(manner) as Chrome. As trusted browser app… Without need to constantly approve fill in Brave.

Ironically, Brave = (version of) Chrome = based on Chromium yet LastPass behaves differently in same scenario, triggering unnecessary pop-ups. If it was just once, I’d be satisfied. It’s not. It repeats again & again.

Regards,
-M

You’re right - Brave and Chrome/Chromium should behave the same.

Well, maybe try and post it in the LastPass forums. Might somebody else has an idea and at least Lastpass gets notified about this issue.

1 Like

@Marco,
Just to confirm – you’re saying that you don’t see the same pop-up/confirmation from LastPass when you’re using it in Chrome?

1 Like

Yes, @Mattches

This is how it looks in Chrome:

Just my username, which I tap & its filled. No pesky pop-ups before nor after…

Im telling you, LastPass internally maintains a list of “safe” apps. They don’t consider Brave safe. It doesn’t mean that Brave is unsafe, it’s just LastPass’ perspective… Due to the poor maintenance of that trust/distrust list on LastPass side

It’s not any Lastpass setting, its not website specific, its LastPass not treating Brave the same as it treats Chrome. I suppose only LastPass (employees) know WHY.

Thank you for the report, @Marco. Can you also tell us which version of Android and Brave you’re using, as well as which version of LastPass? I’d love to see if I can reproduce this issue locally.

2 Likes

Sure:

Android 10
Brave 1.8.93
Chrome 81.0.4044.138
LastPass 4.11.8.5429

I think it’s the latest of everything…

This issue occurs for a long time, it’s not new.

LastPass never initiates “Are you sure” dialog in/for Chrome. Never.

It initiates it for Brave. It initiates it for other apps too. But not browser apps. (ie Relay for Reddit etc)

That’s why I’m under impression that they maintain a (short!) list of trusted apps (that isn’t publicly available!) & that you have to talk with them… @sampson @Mattches

Popup simply doesn’t consider target app safe. It actually warns me if I wanna enter credentials specifically in Brave. Same everything in Chrome = no problem at all.

& its fired up for many websites, not just this stockpedia. It even asks me for gmail/google login.

Only common denominator is: Brave. Or: how LastPass treats it.
If i use Chrome (everything’s the same! Every setting) or even Firefox for Android - I never see that popup. :pensive:

1 Like

Phenomenal feedback, @marco. It sounds like you’ve done all of the necessary work to assist us in making an outreach effort. You may very well be correct that LastPass considers Chrome safe, and all other apps less safe. We’ll investigate :slight_smile:

2 Likes

Here we go! :slightly_smiling_face::crossed_fingers: https://twitter.com/BraveSampson/status/1261534629674156032

image

2 Likes

Thank you. I really hope they’ll react. I’m 99.99% sure its their fault.

We’re speaking about mobile browser here (Brave), not some casual app where I have to login once in a while. Here I have to login constantly every day and I can’t ignore the fact that LastPass pushes this in front of my face everyday. It’s simply: unnecessary. And: discriminatory (compared to Chrome for Android)…

So, @ LASTPASS - Please, whitelist Brave.
It’s OK if you have a list of trusted/less trusted, your code is proprietary, you have to deal with security & whatnot, but you have to maintain that list.
Or give us, your (LastPass) users power to whitelist apps. In this case: Brave

1 Like

Also, @sampson, please investigate this (try to replicate it yourself)… You, or anyone else who uses (both Brave and) LastPass. Users too!

Currently, I have a feeling that I’m the only one complaining, yet I’m quite sure that this doesn’t affect just me. It affects everyone who uses LastPass & Brave (as default mobile browser.)

It doesn’t have to be compared to Chrome! Even Firefox for Android(version 68.8.0) is “properly whitelisted” on LastPass side: no popup, at all:

It’s just the Brave that isn’t. :(((

I can attach different screenshot using some other website (other than stockopedia) but it’s not website thats issue here, its the target app (app that contains login field) - Brave.

I mean it’s clear even from the popup message that LastPass warns me about app (Brave), not website per se… :two_hearts:

1 Like

Here’s my proof it’s not site specific:

It happens on major sites too (Twitter, Facebook, Gmail, Instagram, Google Drive, Dropbox etc etc), actually it happens on all websites - as long as they’re opened up/loaded in Brave… :frowning:

Trying to login to my Twitter account (using Brave) -

Same but using Firefox:
(no pop-up, redacted for privacy)

& Chrome:
(same as in FF.)

Hope this is clear proof that somethings quite wrong on LastPass side.

Brave isn’t treated like Chrome nor like Firefox, albeit a fact that Brave is open-source Chromium based (and LastPass can dissect it / easily confirm that its “as safe as Chrome”, if not even more!)

& sorry, I forgot to reply to @Brave_user

See the post before this one. It’s not just Chrome (that LastPass treats “better”), it’s Firefox too. But you’re right - LastPass should behave (treat) Brave same as Chrome. Unfortunately, it doesn’t. :frowning:

As for contacting Lastpass, I did it in the past (I’m experiencing this for months already), waited, and waited and received no reply at all. I admit I didn’t try LastPass community cos I thought emailing support is enough…

I also ignored this for quite some time, thinking “oh well, Brave is new, maybe they need more time” & hoping it’ll be resolved automatically.

New versions of LastPass appeared, “annoyance” stayed… Brave isn’t new anymore and its user base isn’t small anymore.

I’m also aware of my “reach potential”; that I can’t do much, alone. I’m just one voice of reason but that’s obviously not enough when LastPass ignores my request for help. If there were more people saying the same thing - this would have been resolved: yesterday.

I’m also a strong believer of polite company-to-company communication, intended to make something better for the users of both (LP & Brave) “worlds”… -

I appreciate the Tweet that @samson published but I believe that having a clear report on what’s going on here (replicated behavior done by Brave devs) and official email contact between Brave & LP has better potential to solve this for everyone.

LastPass is a great password manager.
Brave is an awesome privacy-focused browser.
If I need my LastPass to “trust” some app and behave properly - my default browser (Brave) is literally № 1 in the list (obviously, because that’s where I use password manager predominantly.)

I honestly hope that LastPass will agree. Maybe in the next LP app update (or even without it, if they do their trust/distrust server-side - which is also what I think because milliseconds before popup LastPass app is launched, probably to do the “check” of target app-app we are trying to put our credentials in then it closes automatically and “Are you sure you trust Brave?” pop-up appears / that’s how I interpret it, and I think I’m right.)

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.