|
|
|
|
|
|
by ahupp
2468 days ago
|
|
|
It's not just usability: The context awareness means it will prevent you from filling a password on a phishing site. I share your wariness of the browser extensions, but you're betting that a software bug is more likely than human error. Even skilled security-aware users fall victim to phishing on a regular basis, so I'd rather trust the software. |
|
|
This is literally one of the last major attack vectors since password managers became somewhat more popular.
They all do encryption well, even the ones that keep the database on a server you don't control it's most probably actually encrypted, etc. They do the basic password manager thing. They keep your passwords.
Every time there's something wrong/vulnerable with a password manager, it is because it's a browser extension and the attack surface between the password manager and the browser is being attacked.
> I share your wariness of the browser extensions, but you're betting that a software bug is more likely than human error.
Well, it literally has been.
(this is why I'm using Keepass and no browser extension for my passwords)