Reviews for KeePassXC-Browser
KeePassXC-Browser by KeePassXC Team
Review by aWalker
Rated 2 out of 5
by aWalker, 5 years agoIt's really a convenience to use this add-on with KeePassXC. But, there been an issue that has been raised several months back :
In my case
Firefox 83
KeePassXC-Browser 1.7.3
Ubuntu 20.04 LTS
`keepassxc-proxy` makes tcp connections to remote servers over internet & transfers data(with 36+ KB/s speed) without user permission under Linux root privileges.
tcp 0 0 192.168.42.245:52470 117.18.237.29:80 ESTABLISHED 20559/keepassxc-pro
tcp 0 392 192.168.42.245:34738 209.216.230.240:443 ESTABLISHED 20225/keepassxc-pro
tcp 1 0 192.168.42.245:49194 172.67.146.206:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 1 0 192.168.42.245:53060 104.20.214.50:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 1 0 192.168.42.245:60362 172.67.153.104:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 25 0 192.168.42.245:39074 151.101.113.137:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 7890 0 192.168.42.245:34738 209.216.230.240:443 CLOSE_WAIT 20225/keepassxc-pro
simple ip2location domain :
104.20.214.50 .... CloudFlare Inc.
117.18.237.29 .... edgecast.com
151.101.113.137 .. fastly.com
172.67.146.206 ... CloudFlare Inc.
172.67.153.104 ... CloudFlare Inc.
209.216.230.240 .. M5 Computer Security
I tried several times, had to lock password-DB out of fear.
This bug/issue is not addressed by Firefox, claim KeePassXC team on their issue-tracker-logs.
I'm in a limbo, is Firefox breaching user privacy without their knowledge; what data is being transferred to remote servers by keepassxc-proxy?
Should I abandon Firefox; isn't it the most secure (or configurable) browser out there?
Should I change passwords of hundreds of accounts now?
I'm using AutoTyping where ever it's possible & often wished they had auto-type separately for Username & Password; you know for pages like firefox or google account logins.
cheers
In my case
Firefox 83
KeePassXC-Browser 1.7.3
Ubuntu 20.04 LTS
`keepassxc-proxy` makes tcp connections to remote servers over internet & transfers data(with 36+ KB/s speed) without user permission under Linux root privileges.
tcp 0 0 192.168.42.245:52470 117.18.237.29:80 ESTABLISHED 20559/keepassxc-pro
tcp 0 392 192.168.42.245:34738 209.216.230.240:443 ESTABLISHED 20225/keepassxc-pro
tcp 1 0 192.168.42.245:49194 172.67.146.206:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 1 0 192.168.42.245:53060 104.20.214.50:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 1 0 192.168.42.245:60362 172.67.153.104:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 25 0 192.168.42.245:39074 151.101.113.137:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 7890 0 192.168.42.245:34738 209.216.230.240:443 CLOSE_WAIT 20225/keepassxc-pro
simple ip2location domain :
104.20.214.50 .... CloudFlare Inc.
117.18.237.29 .... edgecast.com
151.101.113.137 .. fastly.com
172.67.146.206 ... CloudFlare Inc.
172.67.153.104 ... CloudFlare Inc.
209.216.230.240 .. M5 Computer Security
I tried several times, had to lock password-DB out of fear.
This bug/issue is not addressed by Firefox, claim KeePassXC team on their issue-tracker-logs.
I'm in a limbo, is Firefox breaching user privacy without their knowledge; what data is being transferred to remote servers by keepassxc-proxy?
Should I abandon Firefox; isn't it the most secure (or configurable) browser out there?
Should I change passwords of hundreds of accounts now?
I'm using AutoTyping where ever it's possible & often wished they had auto-type separately for Username & Password; you know for pages like firefox or google account logins.
cheers
Developer response
posted 5 years agoThis is not the first time the issues rises its head from the depths.
Here's the KeePassXC-Browser issue: https://github.com/keepassxreboot/keepassxc-browser/issues/100
And here's the Mozilla one: https://bugzilla.mozilla.org/show_bug.cgi?id=1463873
Again: this is a Firefox bug. If you look the connections keepassxc-proxy makes with Chromium-based browsers, you'll see none.
And to clarify: keepassxc-proxy does not make any connections. These are file descriptors that are leaking from the parent process (Firefox).
Here's the KeePassXC-Browser issue: https://github.com/keepassxreboot/keepassxc-browser/issues/100
And here's the Mozilla one: https://bugzilla.mozilla.org/show_bug.cgi?id=1463873
Again: this is a Firefox bug. If you look the connections keepassxc-proxy makes with Chromium-based browsers, you'll see none.
And to clarify: keepassxc-proxy does not make any connections. These are file descriptors that are leaking from the parent process (Firefox).
731 reviews
- Rated 5 out of 5by Lani, 13 days agoIt seems that the path for native-messaging-hosts is hardcoded.
I want to move the file located at [~/.mozilla/native-messaging-hosts/org.keepassxc.keepassxc_browser.json] to [xdg-directory :: ~/.config/mozilla], but it fails.
help me? - Rated 1 out of 5by Ethan, 16 days agoit doesn't work when the password is on another page after the email. it always puts the wrong password from another account without even asking which account. developers, add a dropdown to ask the user from which account to take the password, don't just put any random password from any random account in the database. changing any setting didn't fix this.
Developer response
posted 15 days agoFirst of all, this shouldn't happen. There's already a dropdown selector when filling usernames or password from multiple accounts. Selector from the popup works as well. There are some settings that try to fill the password automatically for the selected username. Disabling those should help. If not, please file an issue to GitHub, thanks. - Rated 5 out of 5by A1, 20 days ago
- Rated 5 out of 5by ProgramminCat, 20 days ago
- Rated 5 out of 5by Xol, a month ago
- Rated 5 out of 5by Firefox user 16478816, a month ago
- Rated 5 out of 5by Ryan Steed, a month ago
- Rated 5 out of 5by Firefox user 19642928, a month ago
- Rated 4 out of 5by Enunciate_Veggie, a month ago
- Rated 5 out of 5by Firefox user 13447327, 2 months ago
- Rated 5 out of 5by Thrillhouse, 2 months ago
- Rated 4 out of 5by Helkin, 2 months agoGreat extension, love this on my Fedora 43 computer.
I would have love to have this work on Bazitte with it’s firefox in a flatpak - Rated 1 out of 5by FartPie, 2 months agoCurrently completely broken with more restrictive privacy configurations due to a bug (#2672) that was reported over two months ago and patched over a month ago - and still not released.
I would have thought show stopping bugs would be worth a point release, but apparently not.Developer response
posted 2 months agoDear FartPie (love the nick btw), we've been collecting a bunch of various fixes and new features for the release, and it will be published soon. The bug you mentioned was not really high-priority, and not affecting many people so it didn't require a separate hotfix release. - Rated 5 out of 5by Davide, 3 months ago
- Rated 5 out of 5by ESM44, 3 months ago
- Rated 5 out of 5by Omar Kotb, 3 months ago
- Rated 5 out of 5by Firefox user 18499562, 3 months ago
- Rated 5 out of 5by Ender Dobra, 4 months ago
- Rated 5 out of 5by Lilith D. Bracken, 4 months agoKeePassXC-Browser is a great companion for the KeePassXC password manager. It makes filling in passwords and logging into sites quick and secure, without having to copy and paste manually. The integration is smooth, easy to use, and keeps your credentials safe. Perfect for anyone who wants strong password management right in the browser.
- Rated 1 out of 5by Firefox user 19484545, 4 months agoAll of a sudden the connection between the extension and the app has broken and the extension doesn't function in any useful way. I'm surmising it's something to do with an update to Firefox to version 143.0.
- Rated 5 out of 5by Tinto, 5 months ago