I reinstalled Windows on my desktop and laptop from scratch earlier this week to fix some nagging issues and clear out the cruft. Starting from a blank slate with a fresh install (vs an upgrade or install in-place) always makes me feel great. That’s a little sick, I know. But all the apps work like they’re supposed to and the computer just feels more… solid. As more of my life goes into the cloud, the list of software I need to reinstall gets shorter, and with Chocolatey and a USB drive with a few installers, I can do full OS reinstall in under an hour. With Chrome Sync, after reinstalling the browser and logging in, all my extensions, settings, saved passwords and bookmarks magically re-appear. Everything is awesome!
Until I try to open up a few of my favorite services and try to log in there…
I could go on for a while, since every site that I can turn on 2-factor authentication for I have done so. This greatly increases my security in case my password is ever hacked or I get phished. It also means that after reinstalling I got to spend tons of time and annoyance getting SMS text messages, Google Authenticator codes, security code emails, and typing in answers to security questions. Normally the 2-factor authentication only requires verification periodically, and you mark your browser as a “registered device” to avoid having to jump through the hoops. To do this, your browser stores a “cookie” with an authentication token used on future visits to the sites you register. And although Chrome Sync restored 29 apps, 16 extensions, 202 settings, 415 passwords and 52 bookmarks for me, it does not sync cookies!!
This is of course by design. Normally syncing cookies would be a really bad idea since it would defeat the purpose of 2-factor authentication. But when reinstalling your computer, it would be nice if there was a way to bring over cookies. You used to be able to do this by copying the Chrome User Data folder, but this was a bit of a security risk because that meant your passwords and cookies were sitting around on your disk unprotected and could potentially be stolen. So in 2014 Chrome started encrypting protected data like cookies, using a special encryption key that is different for every user and computer.
I’d reinstalled Windows a few times since 2014, so I’ve gone through 2-Factor-Apocalypse a few times, with each time getting worse as more sites allow 2-Factor Authentication or implement security questions or email processes. To make things worse, I’ve started installing Windows Insider pre-release builds, so I’ll probably reinstall from scratch again soon and have to go through the whole thing again. Madness!
I did a search to see if there were any solutions for backing up and restoring Chrome cookies, and it didn’t look like there were any suited to my use case, so I spent a few hours cooking one up. (See what I did there? lol)
It slices, it dices, it backs up and restores cookies for multiple profiles at once. You can check out the tool on GitHub, and use it to avoid 2-F-Apocalypse the next time you update your machine! Just make sure you run the backup before you wipe out your old install since you need to log on with the Windows user account of the Chrome profile to create the decrypted backup file. And sorry, it doesn’t work on Linux1 or macOS since the encryption used there is different.
Hope that helps!