Completely disagree. Using the Firefox master password feature passwords are safe even in the context of sharing a device or an extension. In addition, multi-FA isn’t necessarily a safer option.
And what’s the provided alternative? A password manager. So storing passwords somewhere else that may leak, and in fact has leaked, and is by its nature a high value target.
Each person has to consider their particular situation and threat model, but a well-secured browser that stores passwords locally can be a perfectly adequate and in fact safer alternative than a password manager.
Completely disagree. Using the Firefox master password feature passwords are safe even in the context of sharing a device or an extension. In addition, multi-FA isn’t necessarily a safer option.
And what’s the provided alternative? A password manager. So storing passwords somewhere else that may leak, and in fact has leaked, and is by its nature a high value target.
Each person has to consider their particular situation and threat model, but a well-secured browser that stores passwords locally can be a perfectly adequate and in fact safer alternative than a password manager.
Simple solution for password manager leakage - KeepassXC or selfhosted bitwarden. All blame is on you then.
Right, so everyone should just do without synchronization to mobile devices or set up their own Bitwarden. That sounds like a solution for the masses.
If you are using a browser with password sync, you have the same possible data leakage problem as with a password manager.
If you aren’t using a browser with sync, then you… have no sync.
So you get five options, all with some downsides
Browser:
Browser (with sync):
Password manager (in cloud):
Password manager (KeePassXC with no sync):
Selfhosted password manager: