How to manage passwords in Vivaldi
-
When you enter a new password on a website, Vivaldi will ask to save it. Thatβs because Vivaldi has support for managing passwords. Letβs find out how that works.
Click here to see the full blog post
-
Currently using Bitwarden. Vivaldi doesn't provide a real password manager at the moment, just the chromium way of saving website passwords. What's missing is a way of saving any kind of information, strong password creation and of course sync to the non existent mobile version. The only password stored in my Vivaldi is the one for Vivaldi sync for the foreseeable future.
-
I currently use keepass as my main password manager, but I do use the built in password manager for some sites that continually ask me to re-enter my password.
-
KeePass is my preference. Sensitive data is stored locally, not in the 'cloud'. I don't think it's a bad thing to be skeptical about cloud storage.
-
I made my own password manager.
And while I use Vivaldi builtin password manager for unimportat sites, everything else is stored in my own application. -
@netgain: Cloud managers encrypt data locally before sending them to cloud.
-
@richardvajdel: I respect your confidence in the cloud, but I simply feel safer with local storage.
-
Basically it doesn't matter how we store passwords - as long as the site owners don't secure them properly (e.g. use hash functions that are not meant for passwords, just because they are faster - or even worse, store them in plain text!) we can safely assume that most of them are in the wild anyway.
For computers at home a piece of paper with the passwords on it is perfectly safe (provided you consider your house as safe) in comparison to all online methods like the password services and in comparison to any password manager that stores its data on the disk of a computer that is connected to the internet (Don't forget there is an universal password cracking method https://www.xkcd.com/538/ )
Other than that: The method @Gwen-Dragon mentioned is a sensible way if you need to take them with you - and if possible don't use passwords at all but switch to e.g. U2F/FIDO
-
@QuHno said in How to manage passwords in Vivaldi:
For computers at home a piece of paper with the passwords on it is perfectly safe
My wife literally uses a small paper notebook which, after all these years, is hopelessly jammed with pages and pages of site names, passwords, crossed out passwords, passwords for multiple user names on the same site, etc. Kind of a nightmare.
-
I use the built-in password manager of Vivaldi to create and store passwords, and I think this a perfectly safe way of doing it. As long as no-one else can access my local user account they are safely stored. Of course, I can only assume Vivaldi has a safe way of storing them on their servers. I know at least the sync data is encrypted on their side, so even if some bad guys get in they won't be able to read the data.
I also use KeepAss locally to maintain a (semi-regular) backup of these passwords and sync this manually to NextCloud and Mega.
There is no reason to trust one of the popular cloud-providers mentioned in the article any more than storing and syncing them in Vivaldi. Some of those have had security breaches over the last years, something which should be the death-sentence of any company doing what they do... they must have really good PR for people to still trust them
@OlgaA By the way, you should update the article with how to also create strong and unique passwords in Vivaldi by clicking inside the password fields and choosing Generate...
-
Thanks to a Vivaldi user, I found Bitwarden, which is wonderful. What's lacking is, Bitwarden does not fill the username and password fields for me. Currently I have to copy-n-paste from the Bitwarden popup. I wish the Bitwarden extension overrode Vivaldi's native password manager.
-
@ryofurue having the kind of "overriding" you speak of works be fantastic.
Right now you need to use an extension to integrate with a manager, no matter which one you use. Doing so comes with all the usual pitfalls of chrome extensions and for passwords I would rather avoid that.
-
I'm still missing a master password
At my work an admin could login into my windows account and so he can see all saved passwords. -
@roBBer said in How to manage passwords in Vivaldi:
I'm still missing a master password
At my work an admin could login into my windows account and so he can see all saved passwords.Is that actually true?
AFAIK you have to give your actual user password to decrypt and display things, so he could look your files but not decrypt the login details. The only danger is if he could run Vivaldi in your profile and then use the auto-fill to get at your accounts.
But then, here at work the admin doesn't actually log in to my account - they make me log in first and then use their admin user/pass if they change settings, etc. - I don't think it's possible to get into Windows on an admin account, run Vivaldi with your user account and log in to your websites... your Windows password has to be entered at some point to decrypt the password file.
-
@mossman said in How to manage passwords in Vivaldi:
Is that actually true?
It may be true that to view passwords inside Vivaldi, they'd need to enter a password.
However, if they are able to login as your user, which an admin potentially could, they would be able to just run something like this:
https://www.nirsoft.net/utils/chromepass.html
In fact, I run this regularly to check stuff, and also to export passwords. It requires no password to decrypt, it just uses your credentials as a logged-in user. -
Happy 1Password X user here, please to report it works flawlessly with Vivaldi!
-
@pathduck said:
It may be true that to view passwords inside Vivaldi, they'd need to enter a password.
Which would be the user password of the user account - which the admin knows if he can log in as you.
-
@QuHno said in How to manage passwords in Vivaldi:
@pathduck said:
It may be true that to view passwords inside Vivaldi, they'd need to enter a password.
Which would be the user password of the user account - which the admin knows if he can log in as you.
And my point was; I have never had an admin who could log in as me.
-
@QuHno said in How to manage passwords in Vivaldi:
Which would be the user password of the user account - which the admin knows if he can log in as you.
Not necessarily. On any multi-user OS, an admin can use tools to log on to a users' account without entering the password. They can't actually know the password itself, because it would be encrypted in the OS, obviously they can change it, however the user would notice if their password was changed...
They would still be prompted by Vivaldi to enter a password to view stored logins. But like I said there are many ways around that when they are logged in as you. The security in Vivaldi for stored passwords is very superficial.
-
@robber: If I remember correctly the admin would have to "Take Ownership" of any user file not admin owned. You would know it as soon as you tried to open it.