How about improving Vivaldi's password manager?
-
I'm personally not a fan of most cloud based password managers, they always give me some type of problem, especially when I install extensions. So why not integrate a more advanced password manager in Vivaldi, but of course with better security than the current one. It could look something like Padloc, see link.
-
@RasheedHolland Well, an external service wants to be paid and also a true OSS service could be not feasible due Vivaldi mixed Licence (BSD+EULA); it also should blend with chromium backend so probably not easy at all.
-
@Hadden89 said in How about improving Vivaldi's password manager?:
@RasheedHolland Well, an external service wants to be paid and also a true OSS service could be not feasible due Vivaldi mixed Licence (BSD+EULA); it also should blend with chromium backend so probably not easy at all.
For real? I was thinking of a simple password manager like the current one, but only more secure and more pretty. I'm not saying it has to become a fully fledged cloud based password manager.
-
Hi,
I guess this would be a low priority for V.Current works
Inherited from chromium, as many other featuresYou would search and suggest into https://bugs.chromium.org/p/chromium/issues/list
Then will be "auto added" in V.For the moment,
Not sure whether you use that PadLock but you may check some Passwords options at Extra Steps.--
"Off Topic Tip"
Start a Backup plan if not done so yet.
Follow the Signature's Backup | Reset.
Windows 7 (x64)
Vivaldi Backup | Reset + Extra Steps -
@RasheedHolland It also should be not too divergent from how chromium thinks because risking to break a browser password manager is both not pretty or secure
-
@Hadden89 said in How about improving Vivaldi's password manager?:
@RasheedHolland It also should be not too divergent from how chromium thinks because risking to break a browser password manager is both not pretty or secure
It would be a separate feature. So people who want to use the standard Chromium password manager can continue to do so. But for people who want a nicer GUI and more security, Vivaldi's password manager would be a nice solution. Currently there isn't even a master password and passwords aren't encrypted.
-
@RasheedHolland said in How about improving Vivaldi's password manager?:
passwords aren't encrypted.
"They are",
But to access/view them.You can still access any website if you gain access to the computer and runs the V Profile.
-
ZZalex108 moved this topic from Vivaldi for Windows on -
@Zalex108 said in How about improving Vivaldi's password manager?:
@RasheedHolland said in How about improving Vivaldi's password manager?:
passwords aren't encrypted.
"They are",
But to access/view them.You can still access any website if you gain access to the computer and runs the V Profile.
Perhaps I should have said that the current encryption is a joke. You can use certain tools to decrypt them. So malware who get access to your browser passwords don't have to crack anything. And if someone has access to your PC, you also have a problem of course.
-
Nirsoft?
Not tested since long.Not sure if you still needs OS password to decrypt.
Or it's another?
-
@Zalex108 said in How about improving Vivaldi's password manager?:
Nirsoft?
Not tested since long.Not sure if you still needs OS password to decrypt.
Or it's another?
Yes correct, with these tools you can decrypt the password, unlike with Firefox and third party password managers like LastPass and Dashlane, to name a few. I believe even Edge has beefed up password security a bit. And since Vivaldi already has a sync feature, it could also sync these passwords to other machines, of course with 2FA protection.
-
@RasheedHolland There's at least one great solution available now. KeePassXC is a full power password manager. It stores your encrypted passwords locally, but you can put the file in Dropbox... to access it from the web. It's cross platform (Win/Mac/Linux/Android). It has optional 2FA with a hardware key or file and has a great autotype feature which can type passwords for you so they don't pass through your clipboard. It can also store files. It's open source.
I have never seen a password manager built into a browser that was very good. It's better to use a specialized application.
-
The passwords in Vivaldi’s password manager are encrypted on disk. They’re also end-to-end-encrypted (E2EE) when using Vivaldi Sync. Vivaldi knows how many total bytes of passwords you’re syncing, but has absolutely no idea what’s in your password vault.
The on-disk encryption key is stored in the Windows Credential Store, MacOS Keychain, or the KDE/GNOME password managers (Linux). Programs you give access to your local machine’s keystore can decrypt Vivaldi’s passwords. The sync encryption key is the one you created — separate from your Vivaldi Account password — when you enabled Vivaldi Sync.
-
@josephj11 said in How about improving Vivaldi's password manager?:
@RasheedHolland There's at least one great solution available now. KeePassXC is a full power password manager.
I have never seen a password manager built into a browser that was very good. It's better to use a specialized application.That's what I'm trying to explain. I'm not looking for a fully fledged password manager. I already use KeePass and Enpass as local password databases. But so far the handiest way to fill in username and passwords for me, is to do it with the browser itself. Problem is, that it's not very secure and also not easy to manage.
-
@daniel said in How about improving Vivaldi's password manager?:
The passwords in Vivaldi’s password manager are encrypted on disk. They’re also end-to-end-encrypted (E2EE) when using Vivaldi Sync. Vivaldi knows how many total bytes of passwords you’re syncing, but has absolutely no idea what’s in your password vault.
The on-disk encryption key is stored in the Windows Credential Store, MacOS Keychain, or the KDE/GNOME password managers (Linux). Programs you give access to your local machine’s keystore can decrypt Vivaldi’s passwords. The sync encryption key is the one you created — separate from your Vivaldi Account password — when you enabled Vivaldi Sync.
Yes, but like I said, it's not very secure. There are password decryption tools that can easily crack the passwords saved by Vivaldi. Same goes for any other Chromium based browser, like Edge, Brave, Chrome and Opera. You can't even protect it with a master password like in Firefox. As a true power browser, Vivaldi should offer a better password manager in my opinion.
https://support.mozilla.org/en-US/kb/use-primary-password-protect-stored-logins
-
@RasheedHolland If you already use KeePassXC (which is considerably improved compared to Keepass which is old and, AFAIK, unmaintained), take another look at the Autotype feature it offers. I used KeepassXC for years without realizing this was available and now I rely on it.
Configuring the Autotype triggering can be a bit touchy, but it usually works easily. You can also control the exact sequence of things it types using special tokens for tab and Enter and even adding delays between things for slow applications.
KeepassXC also has a small browser integration add-on that helps you fill in things on a field by field basis, but I don't use that as often.
-
@josephj11 said in How about improving Vivaldi's password manager?:
@RasheedHolland If you already use KeePassXC (which is considerably improved compared to Keepass which is old and, AFAIK, unmaintained), take another look at the Autotype feature it offers. I used KeepassXC for years without realizing this was available and now I rely on it.
Configuring the Autotype triggering can be a bit touchy, but it usually works easily. You can also control the exact sequence of things it types using special tokens for tab and Enter and even adding delays between things for slow applications.
KeepassXC also has a small browser integration add-on that helps you fill in things on a field by field basis, but I don't use that as often.
That's the thing, I don't want to use a third party password manager. From what I understood, they have to be running in memory in order for these browser extensions to work. I also don't want to mess around with this Auto-type stuff. I have tried RoboForm, KeePass and Enpass and none of them worked smoothly with the browser. The current built-in password managers in browsers are already quite good and handy, now they only need to become more secure and more pretty.
-
@josephj11 said in How about improving Vivaldi's password manager?:
(which is considerably improved compared to Keepass which is old and, AFAIK, unmaintained
Hi,
Nopehttps://keepass.info/index.html
Its AutoType works
Maybe others are better.Using the DB from DropBox or any other Online services works fine with CKP and KeepassTusk extensions, no need to run the app in the background.
On Mobile there are Apps also and the Auto fill works fine too.
-
@Zalex108 said in How about improving Vivaldi's password manager?:
Its AutoType works
Maybe others are better.OK cool that KeePass works, but I personally still don't like to use third party password managers, at least not for browser password management.
Now that I think of it, passwords don't even have their own section in Vivaldi settings, why not make it more like Padloc. And password management is currently based on the standard Chromium feature, which sometimes doesn't even work correctly on certain sites.
-
@RasheedHolland Passwords have a section n privacy and security.
-
@Ayespy said in How about improving Vivaldi's password manager?:
@RasheedHolland Passwords have a section n privacy and security.
Yes I know, but it needs its own section, so not per se under privacy and security. Now it's almost hidden, that's what I meant.
