Hello Brave community,
I just used the password manager and realized it is not secure (to say the least):
In other browsers (e.g. the hated Chrome), you can go to settings and retrieve the passwords that the browser saved when accessing website that are password-protected. However, in order to retrieve these passwords, the browser requires the user to first provide his own password to the computer in order to make sure that the person who is attempting to access the saved passwords is not just someone random.
Today in Brave browser, anyone who walks by my computer can go to settings->Security->Manage passwords and simply copy/paste all my passwords without ever being challenged in any way shape or form.
I find this to be a huge security breach and a real genuine concern.
How can we go about fixing this?