Profiles with passwords
-
Hi, I thought I could be able to create a profile and be asked to enter a password every time the profile changes (and also every time Vivaldi opens). However, it never asks for the password (just when I want to sync?). I created the Vivaldi password (the same used here) and also the encryption password. Are these the passwords that would protect the profile? Is there any settings that could make what I have in mind? What am I missing?
-
@allanfelipebr Hi, there is no password protection of profiles.
-
Oh my ... well, thanks for the information. Then, unfortunately the whole idea of profiles is not useful for me. I hope the feature is implemented in the future.
-
Essentially, the local encryption used by Vivaldi and Chromium is for sensitive data like passwords, and they are encrypted using a key connected to, and protected by, your Windows Account and Login Password (or equivalent on other platforms), and is a protection against other accounts on the machine who does not have access to your account. (Additionally, this encryption prevents copying of the data to a different machine.)
Encrypting the rest of the profile against a an attacker that has access to you account (e.g. another user, but particularly malware) is an exercise in futility and a waste of resources. Particularly targeted malware (e.g a keylogger installed by a user you gave access, and hardware versions exists) will be able to intercept any password you enter, and can modify executables to perform such interception. That is the reason why a local attacker with access/control over the machine is not part of most software's threat model.
Encrypted protection of the entire profile can best be accomplished by using an encrypted partition or drive that is protected by your password, which will encrypt the entire filesystem. (Note: this still does not protect you against an attacker that have gotten access to your computer while the drive is mounted.)
-
Hi guy's, New user here. Sorry to hijack this thread but a profile password is needed in Vivaldi (or any other browser that has multiple profiles).
Let me explain, bare with me because English isn't my native speaking language.Vivaldi boasts the option to have multiple multiple profiles and even have a guest profile, this is a great and very handy feature.
So in my opinion the profile password is a no brainer at that point. It's needed plain and simple.With all respect for the security experts and developers, i do get the point that you can't protect a local password from the attack of the local black hatter that got his hands on your machine...he will ride off in to the sunset with all your passwords and cows even when there is a password set using a gazillion special characters.
But you didn't stop to think he maybe this family has only 1 computer and they have a kid that doesn't need access to the parents banking passwords (i'm not going in to a fight over wether or not it's a good idea to store that kind of stuff on a computer).Right now it's way to easy to change over from one profile to another, a simple password would stop the curious kid (unless he's tech savvy and really curious
)A computer that's send in for repair should contain no passwords but what if the computer stops working and you need to send it in as is ? The technician looking over the pc to check if everything works could find out you can open the browser and login to websites without a password...this could get you in trouble when it's a work pc and the technician in question is youre local BOFH. If they need to use special tools to break it you're in the clear even when the encryption is broken.
Anyway i really hope this will become a feature in the future because i really like the browser, stepped over from firefox using it for work and private.
-
@AlexGPrive
Hi, as Admin looked into hundreds of user profiles or systems I can tell you nobody have an interest to use customer data or even look at it.
You loose your job, get never a new job and go to jail.
Anyway, there is an old feature request about this or a kind of master password and the Vivaldi team tag it as "Will not do".
Is there any Chromium browser have this feature?Cheers, mib
Opensuse Tumbleweed x86_64 KDE 5, Windows 11 Pro, Vivaldi latest
HP Probook Intel(R) i5-8350U 16 GB, GPU UHD 620, SSD 256 GB
Miniforum-B550 AMD Ryzen 7 4700G 16 GB, Radeon Graphics
Xiaomi Mi Note 10 Lite Android 12 -
@AlexGPrive said in Profiles with passwords:
But you didn't stop to think he maybe this family has only 1 computer
AFAIK ALL current Desktop Operating Systems support multiple user accounts (Not sure about Windows Home versions, but the Pro versions definitely do support multiple accounts). And these accounts generally do not have access to the data of other accounts.
So, each family member gets their own private account, with a separate password, on the machine (with the administrator account being able to control them, and IIRC there are parental controls, too) .
No need for making complicated code to protect profiles; the Operating System manages all of that on its own.
-
Thx for the reply's, i was afraid this would be the anwser....and yes you should have multiple accounts on a machine and yes a technician shouldn't nose through the system except your local BOFH will because it's his job.
So in essence vivaldi could be banned from workplace because it misses a simple, basic authentication option to start it up. So it could be a showstopper in some places.Besides what's the point of a guest profile if a guest can simply change over to the master profile and edit away ? You never considered that a guest could (and sometime will) do this ? So for me the guest profile seems to be a useless option.
I did notice that the windows version asked for my windows login password to show me the passwords but not to use them, my linux (kubuntu 22.04) doesn't ask for anything.
Anyway maybe the "will not do" will be changed to "will consider after a few beers" in the future
Keep up the good work, since this is my second day using vivaldi i'm having a blast discovering all the options and the friendly community.
-
@AlexGPrive said in Profiles with passwords:
So in essence vivaldi could be banned from workplace because it misses a simple, basic authentication option to start it up
Well, unless I am very mistaken, that would apply to ALL Chromium based browsers, including Google Chrome (which actually have an Enterprise program) and Microsoft Edge.
Companies would require separate, isolated user accounts for each employee on each machine (they have since the first multi-user machines in the 50s and 60s), and the current desktop OSes (for the past 20+ years, at least) are implementing the same systems because they are required by all corporate customers.
@AlexGPrive said in Profiles with passwords:
I did notice that the windows version asked for my windows login password to show me the passwords
That is to prevent a user with physical access from reading your passwords without knowing your windows login password; yes, they may still use the password, but they cannot discover them. (OTOH, no need to in most cases, since with physical access they can just use a site's password reset button, and use your email app to access the reset link).
IOW, there are too many ways to attack online accounts, if you have access to a person's computer that encrypting the whole profile is wasted effort; and BTW a determined attacker can install either software or hardware keyloggers on your machine (unfortunately done by many abusive partners); so a password on a profile is rather futile against such attackers (the Windows password, too).
PS! Also, all of this is is the reason why no browser considers an attacker with access to the computer as part of their threat model; we do encrypt some sensitive stuff, like passwords, because their storage is relatively easy to steal and use later if they are not protected.
-
@yngve said in Profiles with passwords:
(OTOH, no need to in most cases, since with physical access they can just use a site's password reset button, and use your email app to access the reset link).
Or, they could download ChromePass and export a list of the passwords in no time
https://www.nirsoft.net/utils/chromepass.html
(A lot of sucky AVs unfairly classify some of Nir's most excellent security tools as "malware"...)IMO the whole asking the user password to view passwords in Chromium browsers should be dropped. It's just security theater anyway. If you can't keep your OS account secure, there are no more limits.
-
@AlexGPrive said in Profiles with passwords:
...
But you didn't stop to think he maybe this family has only 1 computer and they have a kid that doesn't need access to the parents banking passwords (i'm not going in to a fight over wether or not it's a good idea to store that kind of stuff on a computer).
...I would respectfully disagree. The 'proper' approach for that situation is to set up a local user account on the computer for the child's use. Dumping all users into a single computer account is futile for meaningful security/privacy where there is a need to prevent a user from accessing information relevant to one of the other users. It's the very reason user accounts exist in Windows.
Worse, in a child-user's case, if that child browses (intentionally or otherwise) in harm's way and brings in malware, that damage normally is confined to his account and its software instances alone, all of which can be 'blown away' easily. If everyone is using a typical admin single computer account, the entire system and its data will be compromised from malware. brought in by any of them.
-
Ok, i understand the points you're making so i will do a last effort before going to bed...i've been working in the security sector my entire proffesional life (think electronic intrusion- and fire detection, access control and cctv)
I see my collegue's making thesame points about intrusion detection, you can't keep "the proffesional" out (think encrypted profile) and you can't stop the "internal bad apple" (think someone with fysical access to the pc)...and that's correct but you can keep the person out that's simply jiggling the handle of you're back door (think trying to change profile) trying to get in....so my point of view is mutch simpler than your approach : a simple lock (think simple password) to keep the curious cat out
I like the way firefox does it : it asks a password to start using the pwd manager on browser start...i have no idea if it's even any good but it gives the impression that it's trying to secure your passwords and in todays age thats worth alot (more than it should). Yes security theatre, yes a pro will get into anything given enough time and resources, but i'm not making this point to stop those people. I'm making this point to keep out the people jiggling the handle...
But i respect the current dessicion (decission, however you spell it) to not do it, i'm just not agreeing with the reasons given....maybe it's because it would take up to much resources....edit because i hit enter to soon
goodnight everyone -
-
Hey @Pathduck
It seems i failed to make my point clear, in my opinion this has nothing to do with user accounts on a box. I'm not using windows at the moment, i've started using computers from the windows 98SE and red hat 4 era and i'm still dabbling on computers using win10, 11, kubuntu and bodhi (bodhi is a fun OS) so i like to think that i somewhat understand the concept of accounts and user management. (could be wrong though, after all it's not my proffesional world)
From the Vivaldi site : https://help.vivaldi.com/desktop/tools/user-profiles/ the snippet : "If a second profile is needed only briefly, for example, for a friend to use your browser (without messing up your setup or interacting with your open tabs), use a temporary Guest Profile."
So at that point the "friend" allready has access to your box (no matter how many accounts activated allready), has his (or her) hands on your browser and since i believe in privacy (hense my current choice for Vivaldi) i woulnd't be looking over there shoulder to see what they're doing. But who says that this "friend" wouldn't make a mistake somewhere (and mess up my setup) or worse would prove him(her)self to be the wrong kind of friend ?
To be able to let somebody use my browser being relativeley sure it won't end up fubar i would be needing a password prompt when selecting profiles.
So for me the "guest profile" is just a useless profile at this point.This is the best way i know how to explain why a simple password is really needed for profile protection, again in my opinion.
Anyway thanks for hearing me out and having this polite discussion, maybe we're all suffering somewhat from tunnel vision ?On a brighter note, i'm really liking the browser, especially the workplace stuff (the profile pwd stuff is not a showstopper for me).
-
@mib3berlin said in Profiles with passwords:
Hi, as Admin looked into hundreds of user profiles or systems I can tell you nobody have an interest to use customer data or even look at it.
It is beyond asinine to think that because you didn't do it and you have a moral compass that someone else would not.
-
The way in which I use Vivaldi profiles is to separate work emails and work setups but really big emphasis on the emails. I want to be able to isolate my different work accounts without having to move through device users whenever I would like to use them.
Currently I feel very vulnerable with my work email which I connected to Vivaldi mail so easily accessible. It makes the profiles feature feel so hollow. Like a glorified workspaces feature.
What is the point of these accounts? I am just a little confused on the real use-case. Isolating passwords and separating instances is great but I don't fully understand the usage if it doesn't allow for the saved sessions to be securely kept within them.
