|
|
|
|
|
|
by tredre3
64 days ago
|
|
|
> The problem is that the UX with a browser extension is so much better. It's better, but calling it so much better [that it's unreasonable to forgo the browser extension] is a bit silly to me. 1. Go to website login page 2. trigger the global shortcut that will invoke your password manager 3. Your password manager will appear with the correct entry usually preselected, if not type 3 letters of the site's name. 4. Press enter to perform the auto type sequence. There, an entire class of exploits entirely avoided. No more injecting third party JS in all pages. No more keeping an listening socket in your password manager, ready to give away all your secrets. The tradeoff? You now have to manually press ctrl+shift+space or whatever instead when you need to log in. |
|
|