Using 1password and bitwarden autofill now dangerous?

[veltix]

https://www.pcworld.com/article/165...word-manager-especially-if-its-bitwarden.html

 

[TanKianW]

https://www.pcworld.com/article/165...word-manager-especially-if-its-bitwarden.html

Put it simply, all autofill is not safe. I will not use autofill even when I use BW.

I dun even use it (or addon) on my browser, I just run the app, cut and paste from there.

Do also set up 2FA for your BW. I always sees a lot of users not using 2FA as default.​

 

[Hafi]

Bitwarden also doesn’t warn users when they’re filling out a form hosted on a different page or site, and gives a free pass to subdomains of a website, too. Meanwhile, other password managers look like safer options, as they remain stricter with their autofill policies.

I don't use BW but this is an issue if the plugin extension/PW cannot tell whether the login data is being correctly input on the legitimate domain and perform submission check.

At least my password manager will warn me if the login form going to redirect or a spoof/mis-spelled domain and then restrict me to go further. If this is an issue with browser extension vulnerability then yes, autofill function is dangerous but the article didn't specify that.

 

[TanKianW]

A timely video for those who like to read headlines but not the content.