There can be more to it, such as diversity, portability, backups, remote access, and configurations… but it comes down to basic security.
Browser based password managers are not the primary focus of the tool, but instead are included as an after thought to make it more convenient. But that means security is not necessarily the primary focus, which can obviously be an issue for you.
There is also the password issue. In order to use a browser based password manager, you have to sign into an account through the browser. But then when is the next time you log back into that account on the browser?
I use Firefox, and sync between all of my devices, which is awesome. But I only log into it once, maybe twice and then I’m done. However, I log into my password manager at least once a day, sometimes multiple times a day. So if there are any issues or concerns with the browser or the device, my passwords and credit card info are not compromised.
Then there is the security issue that browsers deal with constantly. Chrome (and their whole ecosystem of chromium based browsers) release zero-day patches at least once a quarter, if not more often. Which means the browser is at risk along with all the passwords you are saving there. Firefox and Safari also drops zero-days, but almost every browser is based on Chromium, which is a whole separate thing.
A separate password manager provides significantly more security because that’s its only job. A Swiss Army knife is a great tool, but a standard pair of scissors is just going to do a better job cutting then the little pair that comes on the multitool.
This was me for the last 7 or so years. I still had the Lockwise app and everything.
I switched to Bitwarden half a year ago, and I’m very pleased with the transition.
I find it easier to manage with the add-on, and it allows for saving notes and attachments for each login. The built-in 2FA is godsent though. No more hacky solutions like Authy to get 2FA on my PC.
The original reason for why I switched, was because I was scared of my PC getting infected. If you store passwords in Firefox, they can be accessed from a file on the PC. If that’s not a concern for you, you can easily keep using it though.
I only ever use this PC for Searching stuff, social media, watching videos, and typing documents or spreadsheets it’s a trash-picked Chromebook which I put Debian on using the coreboot thing.
I did set the drive to encrypt with LUKS on install so I haven’t been super worried about them being read from the disk, although I probably will switch to Bitwarden or something else soon since Sync is starting to have problems for me, some passwords no longer syncing from Firefox desktop to Firefox Android, which is a bit annoying and could potentially get me in a jam if something happened to this laptop and I couldn’t get back in.
I’m probably going to get grilled for this but I’ve Been using Firefox’s Saved passwords, I really don’t need anything better.
dude…. I love Firefox, but just use BitWarden.
Yes you are going to get grilled for this. Please don’t use that on anything important.
Genuine question, but why are browsers so bad compared to a dedicated cloud service?
Security.
There can be more to it, such as diversity, portability, backups, remote access, and configurations… but it comes down to basic security.
Browser based password managers are not the primary focus of the tool, but instead are included as an after thought to make it more convenient. But that means security is not necessarily the primary focus, which can obviously be an issue for you.
There is also the password issue. In order to use a browser based password manager, you have to sign into an account through the browser. But then when is the next time you log back into that account on the browser?
I use Firefox, and sync between all of my devices, which is awesome. But I only log into it once, maybe twice and then I’m done. However, I log into my password manager at least once a day, sometimes multiple times a day. So if there are any issues or concerns with the browser or the device, my passwords and credit card info are not compromised.
Then there is the security issue that browsers deal with constantly. Chrome (and their whole ecosystem of chromium based browsers) release zero-day patches at least once a quarter, if not more often. Which means the browser is at risk along with all the passwords you are saving there. Firefox and Safari also drops zero-days, but almost every browser is based on Chromium, which is a whole separate thing.
A separate password manager provides significantly more security because that’s its only job. A Swiss Army knife is a great tool, but a standard pair of scissors is just going to do a better job cutting then the little pair that comes on the multitool.
This was me for the last 7 or so years. I still had the Lockwise app and everything.
I switched to Bitwarden half a year ago, and I’m very pleased with the transition.
I find it easier to manage with the add-on, and it allows for saving notes and attachments for each login. The built-in 2FA is godsent though. No more hacky solutions like Authy to get 2FA on my PC.
The original reason for why I switched, was because I was scared of my PC getting infected. If you store passwords in Firefox, they can be accessed from a file on the PC. If that’s not a concern for you, you can easily keep using it though.
I only ever use this PC for Searching stuff, social media, watching videos, and typing documents or spreadsheets it’s a trash-picked Chromebook which I put Debian on using the coreboot thing. I did set the drive to encrypt with LUKS on install so I haven’t been super worried about them being read from the disk, although I probably will switch to Bitwarden or something else soon since Sync is starting to have problems for me, some passwords no longer syncing from Firefox desktop to Firefox Android, which is a bit annoying and could potentially get me in a jam if something happened to this laptop and I couldn’t get back in.
Yeah, the sync can be a bit “effy” sometimes. I’ve noticed it with history and open tabs, probably affects newly-saved passwords as well.
Anyways, Lockwise worked good for me for many years, and its definitely better than nothing.