Profile decryption problem after last update

bobmane

@DoctorG ok thanks, also hoping Danial or v team will reply since i just want a fix and he seemed to indicate it is a known bug

fwiw can not find
[Secure Storage] Handle locked secure storage backends

becm

@bobmane From your description I take it you force-reset the account password which also requires the User Keychain to be reset.

Now Vivaldi refers to a non-existent entry without which it will not be able to decrypt its own secret storage.
It may be possible to restore from a backup and you will have to remember the old password (valid at the time of backup).

The alternative is to allow Vivaldi to discard its current secret store and start afresh ("…continue, but lose data?").

becm

@georgep depending on the platform, there are 3-5 ways to mess this up:

• sharing user folders
• resetting passwords
• copying profile folders between machines
• using different secret storage providers

The Vivaldi approach is (as @daniel wrote) already a step up from upstream Chromium behavior.

The general recovery is

• you need to know what you changed
• revert that
• export the passwords
• switch back to the new state
• import the passwords

With most people denying they did anything at all, chances of finding a way to describe any recovery process may be considered slim.

Using --password-store=basic is the only portable (but most insecure) secret storage setup.
It must be then used by all instances using that profile.
And of course, there should be no prior state with a different secret store already configured in that profile.

NiRo1205

I managed to solve this issue by updating Vivaldi to the latest version (6.8.3381.46-1). I guess some kind of weird bug in Chromium had been fixed.

bobmane

@NiRo1205 said in Profile decryption problem after last update:

updating Vivaldi to the latest version

i updated Vivaldi to the latest version same bug, got impatitnt and blew out all passwords...lesson learned on osx keychain with v
seem to have just blown out cookies and passwords. all history and tabs still there which helps

iibbari

Thanks Daniel for helping with this.

In my case, after Vivaldi update, I started Vivaldi in Cinnamon desktop instead of my normal LXQt. After switching back to LXQt desktop Vivaldi showed that now "famous" profile prompt screen. The problem was that in LXQt (KWin) Vivaldi tries to use KWalet5.

Problem is solved (not optimal) by starting Vivaldi with 'vivaldi --password-store=gnome-libsecret' to get my "secrets" back i.e. get my regular profile.

It would be great if Vivaldi would have a prompt to choose the password-store from the available instead of the profile prompt.

vduser

I'm not sure if I experience the same problem, but after searching before opening a new thread I found this one which might be addressing the same root issue.

The system is Xubuntu (now 24.04 but the problem was already there in 22.04 before upgrading). Initially, I thought the issue might have been caused by some libSSL3 update and I only needed to reboot. But that turned out not to be the case. After reading the posts in here, I now consider Vivaldi itself might be the problem.

But now for the symptoms. Running vivaldi normally, i.e. from a start menu entry (provided by the .desktop file created during installation), is no problem. But usually, on that system, I run it from terminal because I "su" into another account because its vivaldi profile has all the tabs and settings I need.

Since a few days ago, that doesn't work anymore. When starting "vivaldi %u" there are some error messages and instead of opening vivialdi's main window I just get a profile selection window.

The error messages are (random numbers removed and replaced by "..."):

[....:ERROR:vivaldi_keystore_checker.cc(173)] KeystoreChecker: Keystore unlock failed and user requested profile switch!
[....:ERROR:profile_impl.cc(1185)] ProfileImpl: Profile validation failed, profile will be unusable.

(vivaldi:420846): dbind-WARNING **: ....: Couldn't connect to accessibility bus: Failed to connect to socket /run/user/1000/at-spi/bus_0: No permission

This is with version 6.8.3381.46

This issue does not occur if I log into that (linux user) account and start vivaldi from start menu entry.

pocelka

Today I encountered also this problem. In my case I started my machine (F40 Gnome), started Vivaldi. Wanted to play something on spotify, my audio didn't work for me (unrelated problem). So I closed Vivaldi, started it again and I got a surprise with profile choosing and keyring problem.

After searching I found this forum, which didn't really help so at the end I went with data loss option. My 70 tabs are still there, I don't care for passwords as I have some other solution for that; but still not a nice evening for me after mentally drained day at work.

Obviously there is something not working properly. I don't belong to any category discussed here (shared profile, multiple environments etc...).

Vivaldi team needs to do better for it's users. I'm a normal user and have no idea how to repair the stuff if there are no steps for this or at least the link to KB or whatever.

SophiaONeal

@becm okay, i'm also having the same problem, but i did do something. completely lost on the technical terms in this thread though, i'm just a normie who expects to be able to start the browser and get to work!

Re: Profile decryption problem after last update

@SophiaONeal said in Getting logged out every session and formatting is off:

i deleted the browser data,
emptied the cache
and blocked trackers
but then i had to re-log into everything.

I allowed all cookies so i wouldn't have to do that, but it's still happening (it's been a week!). And I know it's saving cookies because the cookie number has been going up.

I've restarted, reloaded, and applied updates to Vivaldi, but i'm still having to login every time i restart the computer/browser. I'm on a 2021 Macbook Pro running Sonoma 14.5.

simenDEO

This post is deleted!

daniel

@pocelka said in Profile decryption problem after last update:

So I closed Vivaldi, started it again and I got a surprise with profile choosing and keyring problem.
(…)
Obviously there is something not working properly. I don't belong to any category discussed here (shared profile, multiple environments etc...).

Your secure storage may have been locked in the meantime. Some misconfigured environments will lock your secure storage when the screen saver comes on or your computer goes to sleep; only to fail to unlock it when you return and log back in. A running instance of Vivaldi would have no problem with this, it only needs the decryption key from the secure storage during startup. You would only notice the issue after restarting the browser.

Similarly, your secure storage could have simply timed out and locked itself. KDE Wallet can be configured to do this, for example.

daniel

The dialog is somewhat confusing. Vivaldi doesn’t know exactly what happen — it only knows it no longer has access to the decryption key. This is why it’s so difficult to provide concrete and actionable instructions on how to recover from the problem.

vduser

I now ran into this problem on my own system, too, when updating from v6.7 to v6.9.

The curious thing is, on my system I have 3 config folders, two for being able to test and have instances running independently, executed by running the program command with a --user-data-dir flag. So, not really profiles in the narrow sense, but kind of. And those two test configurations have no problem running on either v6.7 or v6.9 - and all that although initially being just copies of the main config folder, with all the hundreds of tabs removed for fast restarting, what essential when testing. But the main one give me that error when trying to run v6.9. When downgrading to v6.7 it runs just fine.

Another difference between the main and the test config folders that caught my eye is, that the main one contains a subfolder "System Profile" (~/.config/vivaldi/System Profile) while the other 2 don't have such a subfolder.

Testing back and forth and comparing config files' content, I finally narrowed the "problem" down to an "keystore_canary" entry in ~/.config/vivaldi/Default/Preferences. Replacing the value with one of the working setups or deleting it altogether allows for vivaldi to start, but many of the extensions are defunct then - probably it's equivalent to letting the "unwelcomed "welcome" screen ("Vivaldi could not unlock your secure key store") "nuke" the profile keystore" ("Continue with Data Loss").

Having had my share of bad experiences with vivaldi destroying working setups I have a few backups of some settings files, like e.g. Preferences. So I had some backups from v6.7, v6.6 and earlier. The ones from v6.7 didn't work, but the one from v6.6 allowed the program to start normally and only have 2-3 defunct extensions which I could un- and reinstall easily. It now seems to be back to normal with minimal corrective work - I have to see if I notice any abnormalities that I'm not yet aware of now.

Interestingly enough, the v6.6 Preferences file does not have a "keystore_canary" entry. And now, after having used it to be able to run v6.9 it has such an entry and its value is the same as the one in the Preferences file of working test configs. Probably I could have just used the Preferences file that I modified by replacing the "keystore_canary" value in the v6.7 main Preferences file with the one from one of the test configs. But at that point in time, I wasn't content with still some extensions being defunct - easily noticeable by the generic icon instead of the specific one each extension usually brings with it.

So, if one runs into such a problem, it can definitely help having a backup of the Preferences file - either from a version that didn't yet have a "keystore_canary" entry or from a setup that works with the respective version that makes problems on another system / different setup.

One option I would have expected to find, but didn't, would be to be able to export data / change the keystore on a working version and then import it at the "Can't unlock your secure key store" screen. Because apparently, it can be unlocked, just not by some versions of vivaldi...

rkzn

@georgep said in Profile decryption problem after last update:

What if Viv is your only installed browser? Then when you see the "Who's using ..." and "data loss" windows and think, like me, oh gosh I need to research this --- you'll need to install another browser to do it.

Maybe you may use a Guest Profile, as I am doing now.

syklist

@luetage

Having just experienced this on a relative's LinuxMint computer I can confirm that the message "Decryption failed: risk of data loss" appears when Vivaldi has been installed from a .deb which then installs the repo in Software sources. So the updates are handled in the same way as debian/Ubuntu/Mint updates.

DoctorG

@syklist Can be related to switching between GNOME keyrings and KDE wallet, using XFCE, broken profile data. I do not know.

syklist

@DoctorG
The user did nothing other than apply the updates offered by the LinuxMint updater. As far as I am aware LinuxMint XFCE edition uses the GNOME keyrings and XFCE is the only desktop environment installed on the user's PC.

I have just updated my PinePhone running mobian/Phosh and BOTH Vivaldi stable and Vivaldi snapshot are exhibiting the same problem, the profile chooser comes up.

Apart from doing a standard sudo apt update sudo apt upgrade which among other things updated both snapshot and stable I have not knowingly made any other changes.

Vivaldi asks for the keyring password which I enter and then I can get no further than the Profile chooser.

Is this a Vivaldi bug? Or a debian bug?

syklist

@DoctorG said in Profile decryption problem after last update:

@syklist Can be related to switching between GNOME keyrings and KDE wallet, using XFCE, broken profile data. I do not know.

It seems to me to be the case that the most recent updates of stable and snapshot, and updates to the debian based systems have provoked this problem.

Neither myself nor the other user I mentioned use sync. The devices are single user devices and no changes other than updates of Vivaldi and the system have triggered the problem in our cases.

I will not be upgrading Vivaldi on any of my other devices until I have a way of solving this problem.

yngve

@syklist said in Profile decryption problem after last update:

It seems to me to be the case that the most recent updates of stable and snapshot, and updates to the debian based systems have provoked this problem.

The reason this warning has appeared recently is that the dialog IS new!

Before this dialog was added one would happily(?) switch between environments (whether Linux Window managers, or different machines) trying to reuse the same profile in both/all environments, and thus losing all your login cookies and other information that is stored encrypted locally on your diskdrive (Sync is not involved here) because the encryption key was lost by the environment change. This dialog stops you before the damage can be done, asks if you really want to wipe your data.

syklist

@yngve said in Profile decryption problem after last update:

@syklist said in Profile decryption problem after last update:

It seems to me to be the case that the most recent updates of stable and snapshot, and updates to the debian based systems have provoked this problem.

The reason this warning has appeared recently is that the dialog IS new!

Before this dialog was added one would happily(?) switch between environments (whether Linux Window managers, or different machines) trying to reuse the same profile in both/all environments, and thus losing all your login cookies and other information that is stored encrypted locally on your diskdrive (Sync is not involved here) because the encryption key was lost by the environment change. This dialog stops you before the damage can be done, asks if you really want to wipe your data.

Both my PinePhone and my elderly relative's LinuxMint laptop have only one desktop environment installed.

Phosh in the case of my PinePhone and XFCE in the case of the elderly relative's laptop.

So what is causing the profile chooser to be triggered?