What to do after getting your pc stolen

Hi everyone. I don’t know what to do, but today I’ve got my pc stolen. It was a windows pc with a passcode and brave as main browser. My question was: can I do something to prevent them getting access to brave and all the password stored in it?
Thanks in advance to everyone

Nope. Nothing implemented into Brave for that. You can go to brave://sync-internals and then click on Disable Sync (Clear Data) which should stop sync between devices, but anything that had already been synced would be listed on the other computer. Essentially this just means you’d clear the sync chain and then have to go to all of your accounts and change all passwords.

I believe that’s about the only option. As to Brave Wallet (I’m talking Wallet, nothing to do with Rewards), hopefully password would be good enough that they can’t get into it. Not sure of any way to disable that necessarily. And hopefully you also have your seed phrase for it that you’d be able to pull it up on your second device. Then I guess you’d be moving assets off of it, resetting, and then be able to use a new Wallet to host it all again. (would be kind of costly if had a lot of assets, but I’m not sure of other options, if you were actively using Brave Wallet)

We can see if @fmarier might have extra advice. But that’s all I’m able to think of.

2 Likes

Ugh. Sorry you’re going thru this.

https://chromium.googlesource.com/chromium/src/+/master/docs/security/faq.md#Does-the-Password-Manager-store-my-passwords-encrypted-on-disk

The good news is, on Windows they should be encrypted and protected by the Windows DPAPI. And if the passwords weren’t used/decrypted “recently” (I don’t know how long the timeout is exactly) then Brave should prompt for user authentication before decrypting the password storage for bulk viewing or export.

A user logged in as you could still log into misc. individual sites using those stored passwords though.

If you aren’t logged in, or if the computer is locked and they can’t unlock it, or if it’s rebooted first, etc. – or in other words, if they can’t get to the Windows desktop ‘as you’ or as any privileged user – they should in theory be ‘safe’ for the time being.

But you should still change them of course. The above should hopefully give you a sense of how ‘urgent’ it is to get thru them all, depending on the state of the machine when it was stolen.

1 Like

First of all, I’m sorry to hear that your PC was stolen. I’m sure that’s a very stressful situation and the fact that it contains your private data / passwords is just making it worse.

As others have said, whether or not the thief will be able to access your passwords depends on whether or not the thief is able to log into your computer using your Windows username and password. If the thief is able to do that, then they’ll be able to see the passwords stored in Brave (and any other browser you use).

Did you have Brave sync enable with another device? If so, you can reach out to me privately here and we can manually disable your Sync account + delete the encrypted data on the server.

Of course that won’t help with the fact that your passwords are also stored locally on your stolen PC. This is a case where you should be resetting all of your important passwords, starting with the ones for which you don’t have 2-factor (sometimes called 2-step) authentication enabled.

4 Likes

Thanks for the answer. Unfortunately I’ve not Brave Sync enabled, the fact is that I can’t remember all the password that were stored, I’ll start changing the most important one.
Thanks anyway for the help, I really appreciate it

Oh thanks for the reply, actually you’re quite making me feel better telling me this. The fact is: I don’t know how my password (a 6-digit pin) is safe and I don’t know the capacities of the thieves, I hope that they won’t have those abilities. I will start to change all the password - the most important one - asap

Thanks for the reply