Hacker News new | past | comments | ask | show | jobs | submit login

Yes, this - absolutely. Every extension you install is another potential risk/attack vector. Consider the sources carefully and run the least number of extensions possible. Each one potentially has control of your browser, so choose accordingly.



Lately I ended up running much fewer extensions than I used to, and actually looking at their source first.

I think the only closed-source extension I run is lastpass, and I'm evaluating open-source alternatives.

How do people who cannot read code even cope, I don't know.


+1 for bitwarden. Of all the things not to trust closed source software with, passwords are the main one


[flagged]


If there were ever a post to drive me away from a product, this'd be it. Good to know that I should stay well away from KeepassXC, if this is what its defenders sound like.


It's really disappointing to see what's a now flagged post and push-back to what was obviously a flagrant comment. For a more level-headed opinion on KeepassXC, it's decently polished and easy to use. It's also open-source and cross-platform. I like it and came from the original Keepass. I didn't have any specific issues with the first besides wanting to try something new. I haven't noticed any major issues with KeepassXC myself but open to hearing others' experiences.


Comment was flagged so I have no idea what they said, but I use KeePassXC and I'm happy with it. Regular KeePass is good too, but I use XC because it's cross-platform.


If you turn on showdead in your user profile settings you can see flagged comments. I find it helps with context in situations like this, but certain types of posts do attract a lot of racist/sexist garbage that you normally cant see so be forewarned.


Can you comment on why you think Bitwarden is a „POS“ and what KeepassXC does better?


>KeepassXC is fortunately the only sane password-manager

What's wrong with Keepass?


I signed up for LastPass a couple of weeks ago, and they started sending me spammy emails every single day. I went into account settings and disabled the emails, and they kept coming. I opened a support thread on their forum, linking many other similar threads going back several years, and saying that they have to fix this under GDPR... Silence.

I deleted my account and switched to BitDefender. Still getting the LastPass emails though, whenever I check my spam folder.

Also, LastPass slowed my Android phone a lot. BitDefender doesn't seem to do that.

In short, my recommendation is: stay the hell away from LastPass. They can't even handle an email system, I don't trust them at all to handle my passwords.


> Also, LastPass slowed my Android phone a lot.

Their Windows application was also painfully slow.

I paid them for years but I no longer trust them, it seems to me they are incompetent as an organization even if the people who work there might or might not be smart.


You meant to say bitwarden? Afaik Bitdefender Is an Antivirus.


Oops, yes. Thanks.


Can you list those open source extensions you run? I think this could help a lot to cope ..




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: