Browser Passwords

ComputerDave

What are you guys using to extract passwords from web browsers from drives that are not booting? Years ago, we would have used Nirsoft's WebBrowserPassView for systems that still boot, but that hasn't worked well recently. It's been hit and miss. Fab does an excellent job with Firefox.
 
If it's not syncing to a Google/Firefox account or to a MS account I think you are hosed.

You used to be able to get away with grabbing the DEFAULT folder for the profile and slapping it on a new computer, not anymore.
 
If it's not syncing to a Google/Firefox account or to a MS account I think you are hosed.

Agreed. Once sync came on the scene along with encrypted password storage, most of the prior hacks went *poof*! (And this is a good thing, in my opinion. I also encourage clients to use a dedicated password manager rather than browser password managers, too, with cloud backup of their encrypted password file).
 
You can export them as well.

But not on a system that cannot boot and where you cannot get to the browser password manager to do so. If the passwords happen to be synced to the browser's respective account, then exporting is unnecessary as just logging in anywhere with the same account under the same browser and, voila, there your passwords are!
 
I also encourage clients to use a dedicated password manager rather than browser password managers, too
If only we could catch them all before they get themselves into that scenario. When your only recovery option is to text a phone number to a now-disconnected landline, kind of scenario. As always, I appreciate your feedback.
 
If only we could catch them all before they get themselves into that scenario.

Among others.

One of the reasons I've become so fond of cloud-based accounts and storage, of all types, is they prevent this kind of scenario.

I have a Microsoft and Google Account. I have accounts to log in for the Vivaldi, Brave, Edge, and Firefox browsers and make certain I use them and sync everything that can be synced (though I don't use browser password managers).

My past experiences watching various clients' entire computer worlds go up in smoke when everything was local only, and where they did not think backing up was necessary (if they thought about it at all), convinced me that cloud backup of whatever one can is just a good idea. And since this stuff is encrypted, and I don't believe the major players would ever try to compromise that data, the scales tip fast and solidly down in the direction of syncing to the cloud.
 
What are you guys using to extract passwords from web browsers from drives that are not booting? Years ago, we would have used Nirsoft's WebBrowserPassView for systems that still boot, but that hasn't worked well recently. It's been hit and miss. Fab does an excellent job with Firefox.

Yep, Firefox profile still works with Fab's when importing, but Edge and Chrome pretty much need an account synced. A lot of people learning the hard way lol. As I always say, as long as they can get to the email we can reset most things.
 
If you can move it, so can the threat actors.

There's a reason we have these things in encrypted vaults, linked to an MFA protected account somewhere.

From an ethical perspective, no IT professional should ever be moving anything like this. The contents of browsers are managed via their respective accounts, users can perform the correct process, or they can rebuild from scratch each time. This is for their own good, as it provides them and only them the access and stewardship of their data.

Given that all major browsers now act as crappy password managers, we really have no choice but to enforce some standard here. And yes, there will be many hard lessons learned.
 
. . . This is for their own good, as it provides them and only them the access and stewardship of their data.

I happen to agree with everything you've said, but it must be noted that it's the "them and only them" part that these folks don't want. They want to believe that there is always some way that someone else can (and indeed should, when disaster strikes) bail them out.

When you couple that with the insane almost-conspiracy-theory-level suspicion of encrypted cloud storage (which we occasionally see on display even here on Technibble) it becomes a Gordian knot.

The recalcitrant will have to endure being burned as many times as necessary to get them to change their own practices. And saying, and meaning, "I can't help you," when you really can't goes a long way toward making that "burn" more severe.
 