TL;DR: Is the built-in Brave Password Manager wide open to anyone who is logged into the same Windows account that passwords were stored under?
The Long Version:
I could not find a category that seemed more appropriate, but this is not a request related to an issue. I’m looking for community comment/analysis of Brave, as related to an amazing bug in Chrome that led me here.
I understand that both Chrome and Brave use much of the same underlying code, and wonder if that includes the Password Manager. In Chrome, you can literally sign completely out of your accounts related to Chrome and the web. Then someone else can sit down, pop open Chrome (under their own or possibly even a guest Google account) and freely access your passwords… without even trying to hack anything. They are just available. Google doesn’t even appear to consider this a bug.
So… I’ve come to Brave. But I’m wondering if it is effectively the same. In Chrome, since Chrome/Google manage the sharing of passwords across devices (only when you are logged in), it has the appearance of protecting your passwords… It acts like it is protecting them in the cloud. However, once you sync, the protection is not in the account. It is only protected by virtue of your access to the browser.
Brave doesn’t have the kind of over-arching cloud account that Google/Chrome integrates. But is it still wide open to anyone with access to the computer account? In other words, totally unsafe to use under any sort of shared account?
Thanks in advance.