SYNC security question

I think I’ll switch to Chrome soon.
Because I don’t feel protected with this kind of synchronization, when anyone can come to your computer and look at 25 words. If there was a password like your brave wallet, I wouldn’t even think about it for a second.
please convince me not to switch to chrome🥺

Why would you leave your computer open and accessible to them? You speak about worrying on them accessing your sync phrase, but if they have that much access to your PC then they could just copy everything on your PC, install a keylogger, or whatever else.

And btw, you act like Chrome is safer. But if you let people access your device there, they could easily copy your data from Chrome as well. They just would go to your passwords and export to a file, which they can then email themselves or move to a flash drive. They then would have all of your usernames and passwords in plain text.

There’s reasons why our devices have passwords and allow for you to create multiple accounts.

As to Google vs Brave on sync: Google would be tied to your account. So if they grab your info as I mentioned, they have access to anything you add or do and you wouldn’t necessarily know about it.

For Brave, the sync code changes daily. You also are able to see any devices on the sync chain and can remove them if need be. So it is indeed more secure.

Just edited out portion, but have it as strikethrough text. As I said you wouldn’t necessarily know about the person having access to your Google account without you knowing, I did forget you can access a part where it will show where all logins were made from. So that part wasn’t accurate, hence why I quickly edited. But all else remains true.


in Chrome, without a password and without Windows Hello, you will not receive anything.
You can use Brave in the office, where no password is needed, to gain access to all passwords when you step away for a couple of minutes. And there is no notification that someone has connected.
It would be nice if they added the ability to add a password to SYNC

1 Like

maybe you can tell me some secret that I don’t know

I stand corrected. I know it wasn’t too long ago I was able to export passwords without it, but I guess either it was a fluke or they changed things. I see what you mean where it requires the OS password if you go to do it.

I guess main thing is just to try to perhaps tag in @Alexey to ask if they might be able to extend that same capability to Sync. I do see someone had created a Github fot it last year:

I guess I’ll also tag in @mattches. Hopefully either person would be able to help explain how big of a lift it would be to replicate password manager protections over to the menu for sync code

1 Like

I don’t think they will answer us. This article on Github is almost a year old and they still haven’t responded.

Keep in mind when you look at that Github, it was not created by anyone at Brave or anyone collaborating. It just was users who submitted the issue. Where this becomes important in considering is that people don’t always think of the following:


  • There are currently 6,948 open Github tickets of issues and requests.
  • 27,275 are closed (completed or whatever)

That’s just for desktop. I’d also like you to consider Brave is incredibly small. They never have given numbers, but I think they said still less than 100 people working on everything.

When I stressed part about just on Desktop, is you’ll see iOS has its own as well:


You can also go to places like to see how they have projects divided and click to see what they have slated. For example:

Far left are things that someone from Brave has reviewed and been pushed to the category, but not been triaged or anything. Then each step to the right is priority on importance. As they work on things, sometimes stuff is important enough to jump in priority.

Of course, when saying priority, that’s a mixture of how long it will take to get done, resources required, and how vital it is to the core of the browser and user experience.

My Point

They do have a lot of things that sometimes don’t get seen for months or years. And even when they do see it, it’s a big juggling act. So while it may have been a while without any replies or action, it’s possible (maybe even probable) that they just didn’t see it as they’ve been working hard on big issues.

Oh, they’ll answer. It might be a few days (especially considering it’s Friday night right now) or weeks, but I guarantee they’ll respond here or on the Github. Part of the big reason I’m confident is because we are tagging them and bringing it to their attention. What we won’t know is if they will work on it or how many things of higher priority might have to be handled first.

The reason I asked if it was a big lift is because that answers in part. If it’s a big lift, it will likely be a while before handled. But if there’s a simpler way of connecting things, they generally can try to squeeze it in or at least have it planned in their projects.

1 Like