Password manager empty after Brave update – Login Data exists but not decrypting (Windows)

Browser Support Desktop Support
, ,
1

Description of the issue: After a recent Brave update (and Windows update), all previously saved passwords disappeared from Brave Password Manager.
Autofill stopped working

  • brave://settings/passwords shows empty

  • Passwords were definitely saved before (used daily)

  • No manual deletion, no profile reset, no uninstall

The Brave user profile still exists and appears intact.
How can this issue be reproduced?

  1. Use Brave on Windows with multiple saved passwords.

  2. Brave auto-updates to a newer version.

  3. Restart the system.

  4. Open Brave → Password Manager is empty and autofill no longer works.

Expected result: Previously saved passwords should still appear in Brave Password Manager and autofill should function normally.

**Brave Version( check About Brave):**Brave 1.86.139 (Official Build) (64-bit)
Chromium: 144.0.7559.59

**Additional Information:**Windows 11

  1. Same Windows user account (no user switch)
  2. Brave profile folder still exists
  3. Login Data file exists with normal size (URLs visible when opened, indicating data is present)
  4. Issue started immediately after update
  5. Appears related to password decryption / DPAPI after update
  6. No third-party password manager used
2

@Shq13

PLEASE . . . back up the User Data folder:

C:\Users\[UserName]\AppData\Local\BraveSoftware\Brave-Browser\User Data

Try:

File and Folder Permissions - Brave Browser (Windows OS):

Screen Shot 2025-04-06 at 7.11.58 PM
Screen Shot 2025-04-06 at 7.11.58 PM678×574 70.9 KB

Screen Shot 2025-04-06 at 7.12.10 PM
Screen Shot 2025-04-06 at 7.12.10 PM677×540 37.2 KB

Screen Shot 2025-04-06 at 7.12.33 PM
Screen Shot 2025-04-06 at 7.12.33 PM676×574 26.8 KB

Screen Shot 2025-04-06 at 7.12.57 PM
Screen Shot 2025-04-06 at 7.12.57 PM676×405 43 KB

Ref.: ‘https://github.com/brave/brave-browser/issues/38609

And then, there is the following:

Lost cookies, extensions, filters, but tabs are there, on 2 different computers - #3 by Flex

I asked Perplexity.ai to decipher those commands. The reply:

Those three commands are working together to take control of the Brave Browser profile folders and reset their permissions for the Administrators group.

1) takeown /F ... /R /D Y /A

takeown /F C:\Users\USERNAME\AppData\Local\BraveSoftware\Brave-Browser /R /D Y /A

  • takeown – changes the owner of files/folders.
  • /F <path> – target folder: here it is the Brave-Browser folder in your profile.
  • /R – recurse into all subfolders and files.
  • /D Y – automatically answer “Yes” to any confirmation prompts when access is denied.
  • /A – make the Administrators group the owner (instead of just the current user).

Effect: Administrators become the owner of the entire Brave-Browser tree under that user profile, including all subfolders and files.

2) icacls ... /setowner Administrators /T

icacls C:\Users\USERNAME\AppData\Local\BraveSoftware\Brave-Browser /setowner Administrators /T

  • icacls – manages NTFS permissions and ownership.
  • /setowner Administrators – explicitly sets the owner to the Administrators group.
  • /T – applies to the folder and all subfolders and files.

Effect: Confirms and enforces that Administrators are the owner of everything under Brave-Browser (similar goal to the first command, using a different tool).

3) icacls ... /inheritance:e /T /C

icacls C:\Users\USERNAME\AppData\Local\BraveSoftware /inheritance:e /T /C

  • /inheritance:eenables permission inheritance so items inherit ACLs from their parent folder.
  • /T – recurse through all subfolders and files under BraveSoftware.
  • /C – continue even if errors occur (skips over problem files, keeps going).

Effect: Re-enables normal inherited permissions for everything under BraveSoftware, so permissions flow down from the parent instead of using only custom/blocked ACLs.

Overall purpose

Together, these commands:

  1. Make the Administrators group the owner of the Brave Browser data folder and all of its contents.
  2. Ensure that ownership is set consistently using both tools (takeown and icacls).
  3. Turn inheritance back on for the broader BraveSoftware folder so its permissions are normalized and inherited from its parent, which can fix “Access denied” and permission corruption issues within the Brave profile.

SOMETIMES: A BB user has recovered passwords by using the backed up Login Data file; and sometimes by doing that PLUS using a previously-backed up Local State file; and sometimes by a combination of: Resetting the Brave Browser Settings, using the backed up Login Data file, plus, using the previously-backed up Local State file.

Because: Somehow, sometimes a Windows OS update and/or Brave Browser update messes up a bit of the Local State file.

My estimate: At least 97% of Brave Browser (Windows OS) users reporting lost data AFTER:

  • starting up their computer in the morning
  • Brave Browser update
  • Windows OS update

have not maintained routine daily backups of their data, bookmarks, passwords. And, they have not maintained routine daily creation of Windows OS System Restore Points.

About all of the above, my consolidated notes:

Brave deleted all my active tabs and favorites - #2 by 289wk

3

Thanks for the reply , i have tried both the methods and nothing seems to work . Also i have checked the local state file which is still intact but idk if it has been regenerated during the Brave/Windows update.

I do not have a previously backed-up Local State file from before the update. Ig recovery is not possible?

4

@Shq13

When long ago, I used Windows OS as part of routine maintenance, before a Windows OS update, a new System Restore Point would be auto-generated.

I am getting the impression of late, that the Windows OS user must now arrange for that. So I included procedures within my consolidated notes:

Windows OS users, establish a daily routine of creating System Restore Points.

Automate Daily System Restore Point Creation

Enable System Protection

Press Win + R, type SystemPropertiesProtection, and press Enter

Under the Protection Settings list, enable protection for your system drive (usually C:) and allocate ~5-10% of space for restore points.

Create a PowerShell script to generate a restore point

Open Notepad, paste the following:

Checkpoint-Computer -Description "Automatic Restore Point" -RestorePointType "MODIFY_SETTINGS"

Save that as:

C:\Scripts\CreateRestorePoint.ps1

Schedule it

Open Task Scheduler → Create Task

Name: Automatic Restore Point

Triggers: Everyday at a convenient time

Actions:

Program/script: powershell.exe

Add arguments: -ExecutionPolicy Bypass -File "C:\Scripts\CreateRestorePoint.ps1"

Under Conditions, uncheck “Start the task only if the computer is on AC power” if you want it to run on laptops.

Under Settings, choose “Run task as soon as possible after a scheduled start is missed.”

You now have an automated Windows OS System Restore Point created daily.

Event-triggered restore points

https://learn.microsoft.com/en-us/windows/win32/sr/restore-points#event-triggered-restore-points

There is some chance, that your Windows OS machine was set up to Create a Windows OS System Restore Point ← triggered by certain events: Windows OS Update ? ? ? (we hope?)

Otherwise, another attempt at stumbling onto a fix/workaround . . .

Let us say that you already have 2 Brave Browser (“BB”) user Profiles named, Profile 1 and Profile 2. (Using Brave internal link brave://profile-picker in a BB New Window, you would see the actual BB user Profile names that you created.)

BBr user Profile named Profile 1 ← its data is in folder named Default:

  • "C:\Users\[UserName]\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default"

BB user Profile named Profile 2 ← its data is in folder named Profile 1:

  • "C:\Users\[UserName]\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1"

If you were to create an extra BB Shortcut for test purposes only, on your Desktop:

‘Brave.exe’ is usually at one of the following paths:

  • C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe
  • C:\Program Files(x86)\BraveSoftware\Brave-Browser\Application\brave.exe
  • C:\Users[UserName]\AppData\Local\BraveSoftware\Brave-Browser\Application\brave.exe

So . . .

  • Right-click on its brave.exe file and select Show more options
  • Click on Send To > Desktop (Create shortcut)
  • Alternatively, right-click on the desktop and select New > Shortcut
  • Enter the path of the program executable file
  • Click on Next and give it a name: Brave_Test_Run
  • Click on Finish and a desktop shortcut will be created

Source: https://www.thewindowsclub.com/create-desktop-shortcut-windows-10

Where you entered the path of the program executable file - AND add a flag/switch → for jarring(?), reminding, possibly clearing away some dust in, the Local State file regarding the Default folder:

--profile-directory="C:\Users\[UserName]\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default"

So the complete entry for the [ path of the program executable file + flag/switch ] would be (for example → 64 architecture, system level installation) :

"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --profile-directory="C:\Users\[UserName]\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default"

Use that test Shortcut to start up Brave Browser. Then, after a moment of thinking about nothing . . . Exit / Quit Brave Browser.

Edit the new, test BB Shortcut, changing the path to bring BB’s attention to the Profile 1 folder:

"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --profile-directory="C:\Users\[UserName]\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile "`

Use that test Shortcut to start up Brave Browser. Then, after a moment of thinking about nothing . . . Exit / Quit Brave Browser.

The idea is, that some bit of the Local State file might be in a mess, and by “some miracle”, BB might flush the bad stuff out, during this housekeeping. Because, sometimes, the result of a Windows OS Update or a BB Update, is that BB no longer recognizes the established BB user Profiles.

Of course, that particular symptom of Update Blahs, is not your issue . . . but you might take a swing at the housekeeping.

Another Otherwise - some BB users have tried adjustments re Credential Manager - see my consolidate notes.

And all this running around the playing field . . . maybe you will stun everybody by suddenly stumbling onto the cure.

5

I tried the profile-directory housekeeping steps as suggested, but unfortunately it did not restore password decryption. (Also tqs for the restoration point will keep that in mind for future)

Thanks for the help mate , will keep trying for new solutions

1 Like
6

@Shq13 at least seems you’ve hit the nail on the head in terms of what might be happening. It’s this DPAPI issue which shines its head for people on occasion. I’m guessing you didn’t have it synced but was just local storage?

Anyway, wanted to give you a heads up that they added yours as a +1 on the Github earlier. Devs are at least aware. Problem is that there really isn’t anything that can be done about it at this point.

1 Like
Lose all tabs and password suddenly
7

Yep didn’t have it synced . it was local storage . Never knew passwords wud just disappear . been using brave since last 5 years and never faced any issues so i never really felt like syncing and backing up the passwords . Hope we find a issue for this !

8

We’re hoping as well. Apparently this bug is Chromium side possibly as Edge, and even Google Chrome users sometimes report the same issue, and in all those cases, at least on Windows like as is on Brave, it’s some DPAPI issue, and it seems to be timing. Chromium should wait for VaultSec to start, but it’s not and assumes profile is corrupt.

1 Like
9

Yup it seems to be some sort of DPAPI issue. That’s prolly the reason why the locally stored login data has become almost impossible to decrypt it . As far as i remember , there was a windows update , i restarted ( i did click the no update only restart button , we all know that doesnt work , irrespective of it it updated) opened brave went to YouTube to find put i was logged out of my account. the next day tried to login to Instagram and the autofill wasn’t showing up and that’s when it hit me the passwords are all gone . Well everything else is intact . The bookmarks , favourites , the address etc. All except passwords. gonna enable sync from now on .

10

Any new about how to fix this problem? Same as this user reports has happened to me

11

No, it’s a Chromium issue going back some time, and is not going to be an overnight fix. It hasn’t been for the few years it’s existed so far.

It’s not Brave either, look, Edge users have the same issue too: https://learn.microsoft.com/en-us/answers/questions/5520908/all-of-my-edge-passwords-have-disappeared

Issues like this end up being a challenge, and sadly patience is needed. It’s made worse when no developer can reproduce it, because we’ve yet to find what even causes it, so you can’t just look through code and go “oh that’s it!”. No, instead we are still working to find the trigger, then see the cause to fix.

Whatever issue it is, Google authors Chromium, and they are the ones who wrote the DPAPI code to auth/encrypt/decrypt Login Data, etc.