What is the Chrome Safe Storage?

  • When I start Vivaldi, it always prompt me for authorization to use the Chrome Safe Storage. Could you clarify this? I also use Chrome and I don't want any interactions between both browsers. thanks. (see attached screen capture). Attachments: [img]https://forum.vivaldi.net/uploads/attachments/40034/Screenshot2015-03-20at12.40.14.png[/img]

  • Moderator

    You have to delete the relevant item from your keychain to make Chrome quit asking for access to it. It's probably a password you stored using Safari or some such.

  • This is an item belonging to Chrome, and it's unrelated to Safari or any password I could have stored myself in my login Keychain. I could delete it, but I'm pretty sure next time I launch Chrome it will just recreate it, making Vivaldi complain at next restart.
    I don't see any reason why Vivaldi would want to read this item, unless it thinks it is a real Chrome browser.

  • I stopped using Vivaldi because of this annoying message. That is sad.

  • As far as I know Vivaldi creates this file too, because I have it and I'm not running chrome. Interestingly, I also have a file named chrome safe storage1, which is also used by Vivaldi.

    Start up keychain access app, click on chrome safe storage and access control and check which app is using the file. Would be a shame if both browsers generated a file with the same name, but it could also be that Vivaldi generates a file named differently (safe storage1), when a file named chrome safe storage already exists. Opera generates a file named opera safe storage, so maybe that's the route Vivaldi should take.

    Anyway, I would allow access, and if it indeed allows access to the same file used by chrome, you can simply remove Vivaldi from it in access control, by picking Vivaldi and clicking the "-" sign. Is worth a try.

  • Moderator

    "Chrome Safe Storage" in the Keychain is simply an application password that Chrome uses to encrypt/decrypt data in its secure information store. It's generated after installation during Chrome's initial setup. For some reason, Vivaldi uses the same key name.

    I don't know why Vivaldi chose to use "Chrome Safe Storage" as well. (Like others that got the Keychain access prompt, I wondered what was going on.) My guess is that it's either to facilitate data import from Chrome or to maintain compatibility with Chrome for some obscure reason.

    Vivaldi has also accidentally created and used "Chromium Safe Storage" in a few snapshots, which caused people to lose access to their passwords when Vivaldi switched to the new data store. I took that opportunity to ask @ruario, is there a why Vivaldi doesn't use "Vivaldi Safe Storage"?


    His response was:

    yep that is the plan with a way to automatically migrate the passwords over but that is for a future release.

    So, curious initial design decisions on Vivaldi's part aside, I don't think that there's any reason to get too upset about this. I also concur with @luetage; I don't think it's a problem to grant access to "Chrome Safe Storage".

  • Moderator

    Sorry for reviving this REALLY old thread but I thought that it was important to clarify the last sentence in my previous posting... Not only is it not a problem to grant Vivaldi access to the Chrome Safe Storage key, it is actually important and critical that you DO allow Vivaldi to access and use this key.

  • @xyzzy I still don't understand what Chrome Safe Storage is. I've never stored passwords in the Chrome browser. When you say Keychain, are you referring to iCloud Keychain ? I have no idea where to find the Chrome Safe Storage password.

    Why do you feel it's "important and critical that you DO allow Vivaldi to access and use this key" ?

  • @jsheridan Take a look at your keychain access app.

  • @luetage iCloud Keychain ?

  • @jsheridan I have to admit I never used iCloud. I mean the app on your system in Applications/Utilities

  • Moderator

    @jsheridan The Keychain is part of macOS and is like a "secure wallet" where the operating system and its applications can store passwords and other sensitive data such as certificates. Users can manage the Keychain using an application called Keychain Access.app; it's in /Applications/Utilities and can also be launched from Lauchpad -- click the "rocket ship" icon in the Dock and go to the Other folder.

    Vivaldi (like other Chromium-based browsers on macOS) does not actually store its data in the Keychain; it uses a database that's part of the Vivaldi profile... but sensitive data (such as passwords, cookies, auto-fill data, etc.) are stored encrypted, and the encryption password itself is stored in the macOS Keychain.

    I'm not exactly sure why but many years ago, Vivaldi chose to use the same Keychain entry as Google Chrome, Chrome Safe Storage. Some users didn't know why Vivaldi needed access to the Keychain, and specifically to Chrome Safe Storage so they disallowed access... and this is not a good thing to do.

    Recently, due to some changes to Chrome, when both Chrome and Vivaldi are installed, they can "fight" over who owns this key and Vivaldi can even be bumped from the Chrome Safe Storage access list. So, Vivaldi is finally planning to switch to using its own key, Vivaldi Safe Storage. Until then, Vivaldi still needs to use Chrome Safe Storage to store sensitive data securely... and I thought that it was important to correct and clarify a past post in case people search the Forums for more information on this topic.

  • @luetage I also don't use iCloud.

  • @xyzzy @luetage Thanks. I'll check out the macOS Keychain. Didn't know about it.

    I have a few passwords in iCloud Keychain from when I tried it but I've been using LastPass for quite a while. I was a die hard Chrome and Android user for years but I've moved away from all Google products except for YouTube and occasional use of Earth Pro and Translate. I don't miss Google at all. I started using Opera and then recently found Vivaldi.

  • Moderator

    @jsheridan If you launch Vivaldi and it just works, you're okay. (Normally, this should be the case.)

    If Vivaldi can't access the Keychain, you'll see a system prompt asking to you allow access.

  • @xyzzy I always get the system prompt after installing updates or after restarting Vivaldi.

  • Moderator

    @jsheridan So, the next question is: what do you do when you get this prompt?

    You have three choices:

    • Allow always will add Vivaldi.app to the Chrome Safe Storage access list in the Keychain and you won't be prompted again unless Vivaldi loses its access.
    • Allow will grant Vivaldi one-time access to Chrome Safe Storage and you'll be prompted to grant access again when you restart Vivaldi.
    • Deny does just that... and then Vivaldi doesn't have a viable password for encrypting information in its databases.

    (If you're not comfortable responding to a popup prompt, you can also manually add Vivaldi.app to the Chrome Safe Storage access list using the Keychain Access utility.)

Log in to reply

Looks like your connection to Vivaldi Forum was lost, please wait while we try to reconnect.