Password managers

[uvarvu]

I will say that support for extensions was only added in iOS15. Also found this blog post from 1Password which shows that the extension can do.
https://blog.1password.com/1password-for-safari/

 

[HACO]

I will say that support for extensions was only added in iOS15. Also found this blog post from 1Password which shows that the extension can do.
https://blog.1password.com/1password-for-safari/

Looks nice, wouldn't say it's a necessary feature, more like a nice to have for iOS users.

 

[Ice Tea]

I decided to go back to firefox bookmarks and passwords, after several entries i remembered what a pain in the ass it is and decided to stick with lastpass.

 

[Ice Tea]

Well i was wrong about Bitwarden browser extension being flaky with some sites as firefox built in password manager is also failing to trigger on some sites like twitter.

 

[Turn]

NordPass is meant to be pretty good.

 

[Ice Tea]

You Should Turn Off Autofill in Your Password Manager

https://www.howtogeek.com/338209/you-should-turn-off-autofill-in-your-password-manager

Advertisers have found a new way to track you. According to Freedom to Tinker, a few ad networks are now abusing tracking scripts to capture the email addresses that your password manager auto-fills on websites.

But it gets worse: they could use that tech to capture your passwords too, if they wanted. This affects everyone using a password manager, whether it’s a built-in password manager like the one in Chrome, Firefox, or Edge, or a browser extension like LastPass. As a result, you should probably disable the autofill feature to prevent this from happening.

 

[ChrisD.]

Doesn't appear to affect LastPass/Safari. I don't have it enabled anyway but thought I'd try it out.

Result
Sniffed email: ?

Sniffed password: ?

 

[thewanted]

Bitwarden + Edge

Result
Sniffed email: [email protected]

Sniffed password: defdfsdgsdg3333

 

[HACO]

Bitwarden + Chrome. Also tested with Safari and Firefox. Doesn't affect mine, but I had disabled autofill.

Result
Sniffed email: ?

Sniffed password: ?

 

[ChrisD.]

It's actually reminded me how much I hate browsing the internet these days. Even with ad blockers and Super Agent as an example, just trying to view some websites is a royal pain.

There needs to be some law which gives you a super easy 'reject' cookies button rather than sub menus etc, and don't get me started on ads and autoplay videos.

 

[HACO]

It's actually reminded me how much I hate browsing the internet these days. Even with ad blockers and Super Agent as an example, just trying to view some websites is a royal pain.

There needs to be some law which gives you a super easy 'reject' cookies button rather than sub menus etc, and don't get me started on ads and autoplay videos.

Ublock Origin + aggressive filters + I don't care about cookies extension + Vanilla Cookie Manager (to delete all cookies every x min except whitelisted ones). 99% of sites are fine this way.

 

[Buffalo2102]

Assuming it's the same thing, Keepass XC browser extension already contains a warning in the settings;

"Warning! Using auto-fill is not safe. Use at your own risk. KeePassXC-Browser automatically tries to detect login fields. However, they may be detected incorrectly, possibly filling sensitive data in unsafe input fields."

 

[HACO]

Assuming it's the same thing, Keepass XC browser extension already contains a warning in the settings;

"Warning! Using auto-fill is not safe. Use at your own risk. KeePassXC-Browser automatically tries to detect login fields. However, they may be detected incorrectly, possibly filling sensitive data in unsafe input fields."

This is more about mistakenly (or not) filling a password into a username field, therefore sending it to a server where it may be logged unhashed in a log file or database.

 

[Combat squirrel]

I just use a keepass database across all my devices, windows, Mac OS, iOS etc, works great, lots of software on each of them.

I just store the database file in my cloud drive so it always auto syncs across all my devices.

I really don't get why people pay for password managers beyond this because it literally does everything I want it to and auto syncs across everything, and its free.

 

[ChrisD.]

I just use a keepass database across all my devices, windows, Mac OS, iOS etc, works great, lots of software on each of them.

I just store the database file in my cloud drive so it always auto syncs across all my devices.

I really don't get why people pay for password managers beyond this because it literally does everything I want it to and auto syncs across everything, and its free.

Does your mrs/family use it?

 

[Infidelus]

Firefox with KeePassXC:

Result

Sniffed email: ?

Sniffed password: ?

I don't have KeePassXC set to autofill my passwords though.

 

[Combat squirrel]

Does your mrs/family use it?

No they have their own databases, why would they use mine ?

 

[ChrisD.]

No they have their own databases, why would they use mine ?

Because with many of the paid options it's really simple to set it up for family (with their own Vaults and family shared vaults too) and not much teaching required, the same can't be said for KeyPass, it's a much higher learning curve.

 

[Ice Tea]

When i first started using lastpass their emails were all about how great they are and the systems they use to keep your data safe but they have shifted in the last 12 months to sending scaremongering emails how the world is full of hackers and you should buy their premium service.

 

[Combat squirrel]

Because with many of the paid options it's really simple to set it up for family (with their own Vaults and family shared vaults too) and not much teaching required, the same can't be said for KeyPass, it's a much higher learning curve.

I dont see how beyond logging into anything.

Log into your database....copy/paste the password, thats it.