[farjar]

If assuming competent development is bad, as you claim, why would it be a better idea to use a closed source password manager like LastPass instead of an open source fork of KeepassX? If this program can accomplish everything that LastPass can accomplish, while also being open source, surely that's more trust worthy then a closed source implementation that you could not audit.

[dotancohen]

I'm not interested in the closed- or open- source aspects of the issue. I'm interested in allowing other browser extensions to access my passwords. The issue is whether or not passwords should be stored in a browser extension, not about access to the source code.