From the start of use to the encryption and access of data, MoreLogin provides end-to-end full-chain security protection.
Browser extensions typically have high application permissions, which allows them to access and manipulate user browser data. However, this high permission also brings potential security risks. In the past, there have been numerous incidents of user account asset losses due to the theft of browser extension data.
1. How MoreLogin Ensures the Safety of the Extensions You Use
MoreLogin recommends using Chrome native extensions instead of third-party extensions. This is because the Chrome Web Store conducts strict reviews of the extensions it lists, and the extensions downloaded in the MoreLogin browser are all native extensions from the Chrome store.
When users upload third-party extensions on their own, we will determine whether they are native extensions and provide guidance. We determine whether the extension uploaded by the user is listed on the Chrome Web Store. If it is listed, users will be prevented from uploading and using tampered extensions, and will be guided to install native extensions from the Chrome Web Store. Through MoreLogin's extension verification, users can be prevented from installing tampered pirated extensions, protecting the security of digital assets.�
2. How MoreLogin Protects User Extension Data Security
2.1 Default Storage of Extension Data Locally
MoreLogin defaults to storing extension data only locally. The synchronization of extensions in MoreLogin is turned off by default. This means that extension data will not be automatically uploaded, avoiding the risk of being stolen by hackers during transmission or on the server.
To ensure your security, go to the top right corner of the main interface, Click on the Avatar > Settings > Global Settings > Sync extensions and data, and turn off the extension protection option.
2.2 Unique End-to-End Encryption
Some teams need to share data between multiple members or computers. To maximize the protection of data risks during transmission and on the server, MoreLogin has introduced a high-level encryption strategy End-to-End encryption. This is an asymmetric encryption algorithm. When users enable this feature, a unique key known only to the user will be generated based on local device information. The key will be used to encrypt the data in the environment, including extensions, accounts, passwords, etc. The decryption process only takes place locally and requires the use of both the MoreLogin account and the user's unique key. The introduction of this technology aims to ensure that even if the data is stolen during transmission in the worst-case scenario, it will be difficult for the other party to decrypt it.
How to enable end-to-end encryption? Click here to view the tutorial: End-to-end encryption | MoreLogin Help Center
2.3 Local Extension Data Encryption
MoreLogin was the first in the industry to introduce local extension data encryption. Once you enable extension data encryption, your local extension data will not be accessible in other browsers.
Under normal circumstances, extension data based on the Chromium kernel can be interoperable. For example, you can transfer the Chrome extension files from computer A to the Chrome extension directory of computer B, and computer B can directly open these extensions without logging in to access them. However, this interoperability also brings security risks. If someone steals these extension data through malware or directly drags them from the local area, your extension account assets may face the risk of loss.
To solve this problem, MoreLogin provides local extension encryption. After you enable this function, even if the local extension data is maliciously stolen and dragged away, it can still protect the security of the extension data as much as possible.
Video demonstration link: https://www.youtube.com/watch?v=BznZfT3fKfQ
To ensure your security, go to the top right corner of the main interface, Click on the avatar > Settings > Global Settings > Extended data protection, and turn on the extension protection option.
3. MoreLogin Default Encryption of User Cookies and Account Passwords
Cookies and account passwords in Chromium-based browsers are universally compatible, allowing one browser to access and utilize those from another. MoreLogin, by default, encrypts the profile's Cookies and account passwords. Even if the Cookies and account password directory files from MoreLogin's profile are maliciously copied to another browser, they cannot be viewed or opened due to the encryption.
Account password test results:
Using a regular browser, the account passwords stored during use can be opened locally and the plaintext can be seen. MoreLogin will encrypt the data and display it in ciphertext.
Cookie test results:
Using a regular browser, the browser's Cookies can be opened locally and the plaintext can be seen. MoreLogin will encrypt the data and display it in ciphertext.
At MoreLogin browser, we never compromise on user data security—it's our absolute bottom line. We go all out to keep your data safe so you can use our service with total peace of mind. Give MoreLogin a try, click the link https://www.morelogin.com/download/, and kick off your secure, efficient multi-account management experience.
End
————————
👇Attached is the Python script for security testing of cookies and passwords:
#*********************************************************************************************
#*** File description: Read cookies stored in Chrome and output them
#*********************************************************************************************
import os
import shutil
# pip install pywin32
import sqlite3, win32crypt
import json
import base64
import argparse
# pip install pycryptodomex
from Cryptodome.Cipher import AES
def main():
# ========================================================================================
# === ps:
# === This script must be run with Chrome closed, or the file must be copied out with # # # === Chrome closed, otherwise the file will be occupied
# ========================================================================================
# Cookie file directory "%LocalAppData%\Google\Chrome\User Data\Default\Network\Cookies" or open chrome://version/ find Profile Path
database_path = 'd:/Cookies' #os.path.expanduser('~') + encrypt_decrypt(Cookies, key)
print(database_path)
# Decrypt file address "%LocalAppData%\Google\Chrome\User Data\Local State",Password in os_crypt.encrypted_key
local_state_path = 'd:/Local State'
with open(local_state_path, 'r', encoding='utf-8') as fp:
local_state = json.load(fp)
# Retrieve the decryption key from the 'Local State' file
master_key = base64.b64decode(local_state["os_crypt"]["encrypted_key"])
# Remove prefix characters from the key: DPAPI
master_key = master_key[5:]
master_key = win32crypt.CryptUnprotectData(master_key, None, None, None, 0)[1]
print('decryption key: ' + str(master_key))
# Connect to password database and read data
with sqlite3.connect(database_path) as conn:
cursor = conn.cursor()
cursor.execute('SELECT * FROM cookies')
#results = cursor.fetchall()
# Collect an array of field names
all_field_names = []
for field in cursor.description:
all_field_names.append(field[0])
i=0
for row in cursor.fetchall():
i=i+1
print('============================ Cookie', i, '============================')
for name in all_field_names:
val = row[all_field_names.index(name)]
if name == 'encrypted_value':
name = 'cookie_value'
val = decrypt_password(val, master_key) # use key
print(name, ': ', val) # out put field name and value
#for column in row:
# print(column)
def encrypt_decrypt(data: str, key: str) -> str:
return ''.join([chr(ord(data[i]) ^ ord(key[i % len(key)])) for i in range(len(data))])
def decrypt_payload(cipher, payload):
return cipher.decrypt(payload)
def generate_cipher(aes_key, iv):
return AES.new(aes_key, AES.MODE_GCM, iv)
def decrypt_password(buff, master_key):
try:
iv = buff[3:15]
payload = buff[15:]
cipher = generate_cipher(master_key, iv)
decrypted_pass = decrypt_payload(cipher, payload)
decrypted_pass = decrypted_pass[:-16] # remove suffix bytes
return decrypted_pass.decode('utf-8', errors='replace')
except Exception as e:
print("Unable to decode:", buff)
if __name__ == '__main__':
main()
EN
