Sync chain security


There is a minor security issue with the current sync feature.

Unlike viewing passwords saved by brave, there is no password prompt for viewing the sync code or adding a new device. This creates the issue that if someone had access to your phone or computer and wanted your passwords they would not need to know the local password to your device to access the protected saved passwords by brave, rather they could just add themselves to the sync chain and all your passwords would be on their device which they know the local password too; giving them access to all your passwords.

An easy fix to a large problem, it would be amazing if you guys could add the same prompt for a local password when accessing saved passwords on brave, to access the sync code.

1 Like

exactly, If our device is stolen then all our passwords are at risk