First of all, if this question should go into another stackexchange site please let me know.
I have a computer that I used for a lot of years, so it has a lot of stored password, cookies, etc in my Google Chrome folder. I recently bought a new computer and wanted to keep everything that I had before, specially my cookies, extensions, etc.
At first, I just copied over the %APPDATA%\local\google folder from my old computer to my new one. When I launched Chrome i could see my history, extensions, etc. but when I went to common sites like facebook, gmail, etc. it was asking me to login.
I then went and read about how Chrome encrypts that data with DPAPI and so I changed my password and username in my new computer to match my old one, and then copied the folder over again but still nothing.
So, I read some more and discovered that DPAPI uses a master key file, so I went ahead and copied over the %APPDATA%\roaming\microsoft folder, which should contain that file, over to my new PC. So now I have the same password, username, and master key file, but I still can't get it to work. It is asking me to log in everytime instead of using the cookies/saved passwords.
Does anyone know what else I am missing to have Chrome be able to decrypt those things when I go to a website?
Again, if there is another site that would fit this better, please let me know. Thank you.
-
Probably Superuser stackexchange is a better fit for this kind of question. – Henno Brandsma Mar 02 '19 at 22:59
1 Answers
As to the DPAPI aspect: the S-identifier (which is an internal "LSA-name" (LSA=local security authority subsystem), it's the name of the folder that the mastery files reside in under the Protect directory) for the user within the Windows OS) on both computers is also used in deriving the key from the user password to decrypt the master key files. So these cannot be used on any other computer (as the majority part of the S-identifier is randomly generated when the user is created on the PC, and cannot be set manually, I believe). Using open source tools one could in theory re-encrypt the master keys of the old PC to make them valid on the new PC, but frankly that's a PITA. And still you'd have to mess a bit with the most recent masterkey files etc. No 100% guarantee there even.
Within Chrome itself, when you have it open on the old PC, you can export all the password info some structured format, and then transfer them to the new PC (say by USB) and import them there into Chrome again. You could also turn on Chrome syncing (which requires a Google login) and let "the cloud" handle the transfer (password syncing is optional there, and you can choose for encryption by Google credentials as an extra security option; I don't know the internals for that mechanism. Most password managers also offer a way to sync passwords between browsers on different computers, especially if they already offer browser integration. The export-import option seems the most practical to me.
- 2,116
- 11
- 12