Changed forgotten Win password... now passwords in Brave are gone?!

On Win 10, I forgot what my Win password was, since I’ve only used the PIN. I had to use Advanced Startup, which needs the Win password, not a PIN. If I’m logged into my Win account with a PIN, I can’t change the Win password, I have to know the old password (dumb). The only workaround I found was to create another admin user, log into it, and from there, change the Win password for my regular account. It worked, I logged back into my regular account with a new password with no problems.

But I’ve just noticed with horror that my Brave passwords (saved over years) are gone. I see the “Login Data” file in my Brave account and it’s fine, but encrypted. I now fear that Brave password encryption is tied to the Win account password. Is this the case? If so, it’s a bad arrangement. How is a random Win/Brave user supposed to know that by changing his Win account password (NOT the account name, nor any data on disk) he’s effectively losing access to Brave passwords? If the password in one piece of software (Win) controls encryption in a different app (Brave) without making it very clear to the user, it’s bad. Is this the case? Is there a way to unencrypt my Brave passwords?

Win 10, Brave is up to date
Version 1.65.126 Chromium: 124.0.6367.118 (Official Build) (64-bit)

It is. They use your OS keychain for encryption. This is your user profile and password combination. Simply changing the password shouldn’t be enough to cause issues.

Your problem is that you force-changed your information. Like you said, you couldn’t provide the details your OS wanted from you to change the password. So instead you created a new account and tried to change the password from there. Brave would have no way of knowing that this isn’t a hacker or someone trying to steal your info. If you had purely done a password change from your account, you wouldn’t have had a problem. Just to give you a quote from someone at Brave:

Thanks for the reply. Assuming that I can remember the old Win password (I’m not sure) and I have a backup of old Brave files, what would be the procedure to recover my old Brave passwords? 1) Revert Win password to the old one, 2) replace the “Login Data” file in my Brave profile with the old one, 3) Start Brave, 4) Go to Password Manager, 5) If I got my old Win password right, I’ll see my old Brave passwords. Is this correct?

Possibly. I’m not sure how the OSCrypt thing works when admin changes. But as long as it’s seeing you as original user and it was the prior password, I think it would be good.

I would need @Mattches or @clifton to reply to that as I am nowhere near knowledgeable enough on the topic to want to give you any direct answer.

OK, thanks. I’m not sure if I need a restart after password change… Maybe Brave somehow caches credentials and it needs to be forced to recognize that the Win password has changed.

  1. Good news: I realized that I have an old unused PC and I used the same Win password on both. I was able to log into the old PC, so I know for sure what the old Win password was.
  2. Bad news: if I change to that Win password on my regular PC, Brave still won’t read my archived “Login Data” (archived when the same Win password was in use). Seems like retrieving Brave passwords requires some extra steps (Brave re-install?)

And that is part of what I was concerned about. Like I mentioned, I think whenever you changed it through an admin it completely tossed out the idea of you being able to recover it. The only chance for recovery is if you could do a system restore to a prior point perhaps. And even then it would be a bit of a gamble.

But like I mentioned before, these are all assumptions of mine. I know absolutely nothing when it comes to programming or anything else. I’m just another regular user who spends way too much time on Brave Community. I have learned some basic stuff from watching what support has told people combined with my own experimentation and experiences.

I’m hoping perhaps Mattches will see the tag and respond here when he comes in tomorrow. If not then it won’t be until next week.

I guess I’ll tag in @steeven as well just to get another pair of eyes.

I re-installed Brave but still no dice. It kinda looks like, if the user changes his Win password, Brave “tags” something somewhere (registry?), so that even if you revert to that Win password, re-install Brave and restore the “Login Data” (or even the whole profile) from a backup, this mysterious “tag” persists.

The root cause for this happening is not known - but the effect of the OSCrypt key being reset is a known issue. @Saoiray captured the most popular case above - when someone changes the password for the account. My understanding was that this only happens when the user did not initiate the password change (ex: admin did). @element1 how did you change your password? If you used the Local Users and Groups snap-in, that might have the same behavior as an admin resetting (versus when you do Ctrl + Alt + Delete and choose Change Password).

Changing back had worked in some cases before. I would try changing it back using Ctrl + Alt + Delete and see if you can decrypt that. You can see all the entries in the Login Data file if you use a SQLite explorer like DB Browser for SQLite - it just can’t decrypt the PW field.

Please let us know
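An added example, not part of the original thread: a read-only check of what a backed-up profile actually contains, matching the point above that the entries in “Login Data” are readable while the password field is not. It assumes Chromium's Windows layout as known outside this thread (the `logins` table and its columns, the `v10` blob prefix, and the `os_crypt.encrypted_key` entry in the profile's “Local State” file, which begins with `DPAPI` once base64-decoded); the sample files are constructed and nothing is decrypted.

```python
import base64, json, os, sqlite3, tempfile
from pathlib import Path
# Assumed names (not from the thread): logins table/columns, "v10", "DPAPI".

def blob_scheme(blob):
    """Classify a password_value blob by its header only; nothing is decrypted."""
    if blob[:3] == b"v10":
        return "v10: AES-GCM under the os_crypt key"
    if blob[:4] == b"\x01\x00\x00\x00":
        return "legacy: raw DPAPI blob"
    return "unknown"

def key_is_dpapi_wrapped(local_state_path):
    """True if Local State carries an os_crypt key wrapped by Windows DPAPI."""
    with open(local_state_path, encoding="utf-8") as f:
        state = json.load(f)
    wrapped = base64.b64decode(state.get("os_crypt", {}).get("encrypted_key", ""))
    return wrapped.startswith(b"DPAPI")

def list_logins(login_data_path):
    """Return (origin, username, scheme, blob length) per saved login, read-only."""
    uri = Path(login_data_path).resolve().as_uri() + "?mode=ro"
    con = sqlite3.connect(uri, uri=True)
    try:
        rows = con.execute(
            "SELECT origin_url, username_value, password_value FROM logins").fetchall()
    finally:
        con.close()
    return [(o, u, blob_scheme(bytes(p)), len(p)) for o, u, p in rows]

def build_sample(dirpath):
    """Constructed stand-ins for a profile backup; every value here is made up."""
    login_data = os.path.join(dirpath, "Login Data")
    con = sqlite3.connect(login_data)
    con.execute("CREATE TABLE logins (origin_url TEXT, username_value TEXT, password_value BLOB)")
    con.execute("INSERT INTO logins VALUES (?, ?, ?)",
                ("https://example.test/", "alice", b"v10" + bytes(12) + bytes(24)))
    con.commit()
    con.close()
    local_state = os.path.join(dirpath, "Local State")
    key = base64.b64encode(b"DPAPI" + bytes(32)).decode()
    with open(local_state, "w", encoding="utf-8") as f:
        json.dump({"os_crypt": {"encrypted_key": key}}, f)
    return login_data, local_state

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        login_data, local_state = build_sample(d)
        print(key_is_dpapi_wrapped(local_state), list_logins(login_data))
```

Run it against copies of the two files with the browser closed. A `v10` result means the passwords depend on the key in “Local State”, so a backup of “Login Data” alone does not carry what is needed to decrypt it.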

I’ve used a PIN for years to log into Win, so I forgot (or was unsure about) my password. Recently, I had to use Advanced Recovery, which needs the password, not the PIN. I couldn’t easily recall what the password was, Adv. Recovery just told me what I entered was wrong. So to fix this, I logged in with my PIN, created another admin account, and from that account I changed the Win password in my normal account to something known. This is when I lost access to Brave’s encrypted info.

Later on, I found another PC, which I knew had the same original password, so in several tries, I was able to establish what it was. On my regular PC, in my regular account, I changed the Win password back to the now-known original password, but still no access to Brave passwords. Re-installing Brave and copying the old “Login Data” doesn’t fix this.

Wouldn’t a solution for such issues be an optional master password for Brave, in parallel to Windows encryption? So if changing the Win password causes issues, I can still retrieve my Brave info with its established master password. Like an account recovery option for Brave, the way Win has a USB account recovery. I’m pretty sure that 95% of Win users don’t realize that by changing their Win password (for whatever reason) they can lose their Brave’s data.
