Or, for example, attacker stole your backup via vulnerability in your NAS. Or, for example, some idiots share whole system volumes in e2k and Direct Connect networks. Or ever web:
Just getting the file would not help you for the attack vectors shown in the article for Chrome (need user account's CryptProtectData), IE-pre-10 (need copy of registry keys + CryptProtectData), or IE 10 (need binary on user account).
Firefox would appear to be vulnerable to that approach. Not sure about Opera's wand.dat, probably vulnerable as well.
Opera allows you to set up a master password, if you want it. If you don’t want it, you can copy around wand.dat as you like (even from your computer to your phone!) and it just works. :)
Firefox would appear to be vulnerable to that approach. Not sure about Opera's wand.dat, probably vulnerable as well.