Please make Brave Browser easier to move from another device. The sync process of this browser is not easy to use for me. Please include account sync so we will just log in to our brave account to sync from across devices and the History, Bookmark and etc. will share across my devices and avoid having no worries from unexpected problems on my PC in case I didn’t save the Sync Code.
For example, Using our secured Brave account in which our Bookmark, settings and etc. are saved. We can browse across different devices without manually save the Browser settings. The Sync will be based in Brave account.
That would mean Brave would need to store and handle the endless user accounts. Thus, following the same Google is actually doing.
One of the Brave browser main features is privacy. Another one is decentralization. Going for a centralized user account based system does not seem very compliant with those approaches.
If that’s not possible, they should allow us to connect our Brave Account to Brave Browser to store Sync chain code within the account so it can be joined automatically in Sync chain. I’m more worries on my saved bookmarks not history.
They should provide 2FA in our Brave account to make it more secure and at their end, they should make it unhackable.
As to your answer on the request, I’ll just copy/paste it here.
Question #24: We’ve had a lot of requests to have Sync linked to something like our Profile or to have an account, something that’s more permanent. Is this something that we can get?
Answer We’d like to be able to give people the best of both worlds. Of course those 24 words were inspired by the simplicity and intended for self-custody. We had built it from the ground up and wanted it to be more like Web3 tools we’re used to. But we get that it can be confusing and that there are people who want that more traditional profile sync.
We’re looking at things like where you can hook up an email address but behind the scenes it would be more private and strongly secured. There’s a lot of work to be done but hopefully more to come.
Yes unlike traditional sync, where we used Google account to sync my History, Bookmarks etc. In Brave, the sync chain code is connected to our Brave account so it can be applied automatically. But its up to user wether they use the sync word code or login to automatically apply the sync chain code.
Yeah, point is they said they hadn’t done it up to this point on purpose. They are trying to find a happy medium perhaps, but it’s not a top priority. The question before kind of answered the “why” behind things.
We’re trying to actively prevent Users from having their codes stolen or asked for. We’ve had some Users who found codes in documents and were essentially sharing a Sync account. And there have been phishing attacks and things along those lines. It’s designed to prevent that and make sure you’re actively using it at the time.
Overall, they don’t want people using Sync like it’s a form of backup and they want to have as few entry points to data as possible. Linking it to accounts with passwords and any of that would make it easier for people to access information. It’s also a lot more data for Brave to have to store.
We’ll see what they end up doing for the future, but I at least wanted to share that so you can see it’s already been asked and answered.
24 words is a method that countless people like, but because one ten thousandth of the user’s KEY is lost, the whole world has changed. Do I need to change the bank security system because the bank password is lost?Will the banks agree to revamp the banking system? It’s your own fault, not the bank’s. 24 words have security issues, but what should be done is to change it, instead of treating hackers as fools, add a 25th word, don’t hackers know that 25 words will change?
The lack of an ability to sync an account with a server without having to setup the account on a 2nd device is actually what is preventing me from changing from Chrome to Brave…
I don’t see why one thing prevents the other. Take Firefox’s example. Firefox allows you to setup an account, and to back up your browser data online. The only thing is that everything is locally encrypted on the device, using the email+password combination, and sent encrypted to Firefox’s servers. Mozilla can’t read the data because it’s encrypted and they don’t have the decryption keys. Of course, if I forget my password, I lose access to all my data, that’s the catch of local encryption, but that’s fine.
Regarding decentralization… Why fully decentralized? We don’t have to be so religious about that, and instead use a hybrid approach. One where your data is always synced with a central server (if available) and then distributed, but that also allows you to sync directly with other devices if for any reason the central server failed. The only requirement for this is that devices would have to know about each other, but that can be arranged via the central server. In fact, I think it is already currently arranged by a central server in Brave.
This would be very handy. One of the reasons is that using an account+password can be handy, but the 2nd, more important reason (at least for me), is that I wouldn’t have anymore to login into a 2nd device in order to get my browser data backed up. For example, right now I have a brave account I would like to backup, but I have absolutely no interest in setting it up on a 2nd device, because I just don’t need it anywhere else.
(Also, ideally you would still example using a pass phrase instead of account+password, and just let the users choose what they prefer to use. I know that some people don’t want to create and account and then just use the passphrase instead).
I mean, Firefox handles sync pretty nicely, so we know it’s possible. We can use these hybrid approaches such that is works for everybody.
Passwords can be exported, the rest of your profile (maybe not credit cards and addresses, I’m not sure) can be backed up just by saving the folder somewhere. If you want your passwords stored by someone else you can do that with several services which integrate into the browser via extensions.
Well, I know I can manually backup things, and that’s what I already do sometimes when I use Brave. But it would be more convenient if the sync just worked more the way it works in Firefox. Where is also effectively also backed up in Mozilla’s servers. This adds ease-of-use. This easy-of-use would make me fully switch to Brave, instead of 80% Chrome + 20% Brave.
To summarize, what I am proposing is:
Hybrid sync: both server and p2p. By default things are synced to the server, but if say, the server fails, then p2p syncing between the user’s devices takes hold.
Server Backup: Having just one device should be sufficient. And then the browser would just keep syncing with Brave’s servers. Currently, if I create a sync passphrase, but don’t add it to a second device, it doesn’t get synced anywhere, not even with Brave’s servers. This would also enable having a safe backup without having to login to a second devide.
Dual Login. Keep the current passphrase login, for people that prefer it, but allow also a username+password login (also locally-encrypted, just like Firefox does). The browser could derive a private key from the username+password combination, for example.
I think this would make everyone happy, and give me no reason not to fully switch to Brave. Honestly the only reason why Firefox is not an option for me is due to not using Chromium, otherwise I would just would Firefox.
Setting up sync does create a backup without adding a second device, which is why you can download everything to a second device when you enter the passphrase. The problem is that the passphrase has to be changed regularly to prevent scammers tricking people into using insecure sync chains. But if you make a note of the passphrase every few days you can work out how to use sync as a backup (I doubt the devs want it explained in full, so that’s all I’ll give you). I can’t guarantee it will always work, so backing up more often than “sometimes” is still best practice, as is having passwords duplicated in a separate password safe.