A flaw that you are repeatedly warned about if you try to enable the feature, which is off by default... Trashy clickbait article from a trashy clickbait site.
1 Like
Saw that news today. They do recommend not to use the feature and default it turned off (If you turn it on, there is a big old **WARNING:**Compromised pages can exploit autofill on page load). But they allow users to make that decision. If you read the article, it also explains the risk and that it is a minimal risk. I think they are planning to make a change. I actually like Bitwarden's keyboard shortcut better than the autofill approach anways.
1 Like
Just because itâs open source doesnât mean itâs more secure. Donât fool yourself into thinking all open source is constantly being checked on by people just because it can. It is not.
Just look at the history of CVEs from some pretty boneheaded mistakes in open source projects that run the entire internet.
If anything, open source is more open for malicious actors to find the vulnerabilities.
And donât take this as me not being a fan or steward of open source. My past speaks for itself 
1 Like
I followed in the same path as you to be honest. Yes, it's OpenSource meaning that the code is out there should someone want to develop an exploit for it, but their level of encryption and MFA integration gives me about as much sense of security as one can have short of a little book in my pocket with clues to passwords written down for me to guess. Not using the same password for a hundred sites and making sure to MFA anything that contains secure data is about as close as I can get.
Same here. I think common sense and diligence is the biggest thing you can do to protect yourself, and there is always a risk, even if you lock yourself in a closed room and don't communicate with the outside world.
LastPass lost the trust of the users for a variety of things they did. I would think they will not get that back, but maybe they have enough customers that are unable to leave to keep them going.