Reviews for KeePassXC-Browser
KeePassXC-Browser by KeePassXC Team
Review by aWalker
Rated 2 out of 5
by aWalker, 6 years agoIt's really a convenience to use this add-on with KeePassXC. But, there been an issue that has been raised several months back :
In my case
Firefox 83
KeePassXC-Browser 1.7.3
Ubuntu 20.04 LTS
`keepassxc-proxy` makes tcp connections to remote servers over internet & transfers data(with 36+ KB/s speed) without user permission under Linux root privileges.
tcp 0 0 192.168.42.245:52470 117.18.237.29:80 ESTABLISHED 20559/keepassxc-pro
tcp 0 392 192.168.42.245:34738 209.216.230.240:443 ESTABLISHED 20225/keepassxc-pro
tcp 1 0 192.168.42.245:49194 172.67.146.206:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 1 0 192.168.42.245:53060 104.20.214.50:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 1 0 192.168.42.245:60362 172.67.153.104:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 25 0 192.168.42.245:39074 151.101.113.137:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 7890 0 192.168.42.245:34738 209.216.230.240:443 CLOSE_WAIT 20225/keepassxc-pro
simple ip2location domain :
104.20.214.50 .... CloudFlare Inc.
117.18.237.29 .... edgecast.com
151.101.113.137 .. fastly.com
172.67.146.206 ... CloudFlare Inc.
172.67.153.104 ... CloudFlare Inc.
209.216.230.240 .. M5 Computer Security
I tried several times, had to lock password-DB out of fear.
This bug/issue is not addressed by Firefox, claim KeePassXC team on their issue-tracker-logs.
I'm in a limbo, is Firefox breaching user privacy without their knowledge; what data is being transferred to remote servers by keepassxc-proxy?
Should I abandon Firefox; isn't it the most secure (or configurable) browser out there?
Should I change passwords of hundreds of accounts now?
I'm using AutoTyping where ever it's possible & often wished they had auto-type separately for Username & Password; you know for pages like firefox or google account logins.
cheers
In my case
Firefox 83
KeePassXC-Browser 1.7.3
Ubuntu 20.04 LTS
`keepassxc-proxy` makes tcp connections to remote servers over internet & transfers data(with 36+ KB/s speed) without user permission under Linux root privileges.
tcp 0 0 192.168.42.245:52470 117.18.237.29:80 ESTABLISHED 20559/keepassxc-pro
tcp 0 392 192.168.42.245:34738 209.216.230.240:443 ESTABLISHED 20225/keepassxc-pro
tcp 1 0 192.168.42.245:49194 172.67.146.206:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 1 0 192.168.42.245:53060 104.20.214.50:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 1 0 192.168.42.245:60362 172.67.153.104:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 25 0 192.168.42.245:39074 151.101.113.137:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 7890 0 192.168.42.245:34738 209.216.230.240:443 CLOSE_WAIT 20225/keepassxc-pro
simple ip2location domain :
104.20.214.50 .... CloudFlare Inc.
117.18.237.29 .... edgecast.com
151.101.113.137 .. fastly.com
172.67.146.206 ... CloudFlare Inc.
172.67.153.104 ... CloudFlare Inc.
209.216.230.240 .. M5 Computer Security
I tried several times, had to lock password-DB out of fear.
This bug/issue is not addressed by Firefox, claim KeePassXC team on their issue-tracker-logs.
I'm in a limbo, is Firefox breaching user privacy without their knowledge; what data is being transferred to remote servers by keepassxc-proxy?
Should I abandon Firefox; isn't it the most secure (or configurable) browser out there?
Should I change passwords of hundreds of accounts now?
I'm using AutoTyping where ever it's possible & often wished they had auto-type separately for Username & Password; you know for pages like firefox or google account logins.
cheers
Developer response
posted 6 years agoThis is not the first time the issues rises its head from the depths.
Here's the KeePassXC-Browser issue: https://github.com/keepassxreboot/keepassxc-browser/issues/100
And here's the Mozilla one: https://bugzilla.mozilla.org/show_bug.cgi?id=1463873
Again: this is a Firefox bug. If you look the connections keepassxc-proxy makes with Chromium-based browsers, you'll see none.
And to clarify: keepassxc-proxy does not make any connections. These are file descriptors that are leaking from the parent process (Firefox).
Here's the KeePassXC-Browser issue: https://github.com/keepassxreboot/keepassxc-browser/issues/100
And here's the Mozilla one: https://bugzilla.mozilla.org/show_bug.cgi?id=1463873
Again: this is a Firefox bug. If you look the connections keepassxc-proxy makes with Chromium-based browsers, you'll see none.
And to clarify: keepassxc-proxy does not make any connections. These are file descriptors that are leaking from the parent process (Firefox).
750 reviews
- Rated 5 out of 5by evtldocha, 4 days agoThanks for this extension!
One remark: though firefox now honors XDG config settings in $HOME/.config/mozilla/firefox (on Linux) the extension creates a $HOME/.mozilla/native-messaging-hosts. I'd like so see all config for an application on one single place only. - Rated 5 out of 5by Firefox user 12539057, 6 days ago
- Rated 4 out of 5by RD, 9 days agoThe add-on doesn't work in the Flatpak browser. Otherwise, I like KeePassXC :)
Developer response
posted 9 days agoActually there's already pull requests made for a websocket connection mode in both extension and KeePassXC. It works with Flatpak browsers. So it's coming :) - Rated 5 out of 5by Matthieu, 15 days ago
- Rated 1 out of 5by Abdiel, 16 days agoIt only has offline support. On Linux the configuration is a mess. Sometimes It doesn't talk with my desktop app. Remote support should also be added, so 1 star. I also noticed this while using it: not everything is handled within the browser. When the master password is requested, It switches to the KeepassXC desktop window which makes the experience less convenient. MasterPassword could instead be entered through a small pop-up inside the browser. This is what I would have preferred.
Developer response
posted 15 days agoThe whole idea of the extension is that it talks to the desktop app. It has no direct connection to your database, and it will never ask your master password. - Rated 5 out of 5by toorootoot, 16 days ago
- Rated 5 out of 5by Mark Andrew Gerads, a month ago
- Rated 5 out of 5by SilverAmd, a month ago
- Rated 5 out of 5by Firefox user 19902880, a month ago
- Rated 5 out of 5by Craig, a month ago
- Rated 5 out of 5by Firefox user 19882925, 2 months ago
- Rated 5 out of 5by Firefox user 18863959, 2 months ago
- Rated 1 out of 5by Firefox user 14868755, 2 months agoNot able to add connected database. Nothing happens when clicking the Connect Database button. Bazzite 43 (linux) NVIDIA edition, Firefox 149, KeePassXC 2.7.12
- Rated 4 out of 5by Saturnus, 2 months ago
- Rated 4 out of 5by Fokeu, 3 months ago
- Rated 5 out of 5by Firefox user 13156335, 3 months agoWorks fine on my Windows 10 Firefox, and in Firefox on my CachyOS Linux install.
- Rated 5 out of 5by Cangrejo, 4 months agoBest password manager ever.
I know this depends of Keepassxc development, but it would be nice if card info can be stored. - Rated 5 out of 5by elsenfox, 4 months ago
- Rated 2 out of 5by Firefox user 19733088, 4 months agoEigentlich gut, aber umständlich, funktioniert bei vielen Websites einfach mal gar nicht, das Felderkennungs-Tool zum Zuweisen ebenfalls nicht und kostet daher viel Zeit und Nerven in der Benutzung. Daher kann ich ebenso schnell und gut aus KeepassXC kopieren und einfügen und brauche mich nicht mit diesem AddOn herumschlagen; leider!
- Rated 1 out of 5by John Hills, 4 months agoThe addon randomly shows errors like "KeePassXC-Browser has encountered an error: Key exchange was not successful" which means absolutely nothing to the user and does not help solve the problem in any way. It is the same as showing a message "Error: There has been an error. You're unlucky, too bad for you."
Developer response
posted 4 months agoGitHub already has an issue about this. In short, there's no way to get details from the API why the key exchange / connection fails. I suggest you take a look at the most common error threads and our Troubleshooting Guide at GitHub. - Rated 5 out of 5by Lani, 5 months agoIt seems that the path for native-messaging-hosts is hardcoded.
I want to move the file located at [~/.mozilla/native-messaging-hosts/org.keepassxc.keepassxc_browser.json] to [xdg-directory :: ~/.config/mozilla], but it fails.
help me? - Rated 1 out of 5by Ethan, 5 months agoit doesn't work when the password is on another page after the email. it always puts the wrong password from another account without even asking which account. developers, add a dropdown to ask the user from which account to take the password, don't just put any random password from any random account in the database. changing any setting didn't fix this.
Developer response
posted 5 months agoFirst of all, this shouldn't happen. There's already a dropdown selector when filling usernames or password from multiple accounts. Selector from the popup works as well. There are some settings that try to fill the password automatically for the selected username. Disabling those should help. If not, please file an issue to GitHub, thanks. - Rated 5 out of 5by A1, 5 months ago
- Rated 5 out of 5by ProgramminCat, 5 months ago