Reviews for KeePassXC-Browser
KeePassXC-Browser by KeePassXC Team
Review by aWalker
Rated 2 out of 5
by aWalker, 5 years agoIt's really a convenience to use this add-on with KeePassXC. But, there been an issue that has been raised several months back :
In my case
Firefox 83
KeePassXC-Browser 1.7.3
Ubuntu 20.04 LTS
`keepassxc-proxy` makes tcp connections to remote servers over internet & transfers data(with 36+ KB/s speed) without user permission under Linux root privileges.
tcp 0 0 192.168.42.245:52470 117.18.237.29:80 ESTABLISHED 20559/keepassxc-pro
tcp 0 392 192.168.42.245:34738 209.216.230.240:443 ESTABLISHED 20225/keepassxc-pro
tcp 1 0 192.168.42.245:49194 172.67.146.206:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 1 0 192.168.42.245:53060 104.20.214.50:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 1 0 192.168.42.245:60362 172.67.153.104:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 25 0 192.168.42.245:39074 151.101.113.137:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 7890 0 192.168.42.245:34738 209.216.230.240:443 CLOSE_WAIT 20225/keepassxc-pro
simple ip2location domain :
104.20.214.50 .... CloudFlare Inc.
117.18.237.29 .... edgecast.com
151.101.113.137 .. fastly.com
172.67.146.206 ... CloudFlare Inc.
172.67.153.104 ... CloudFlare Inc.
209.216.230.240 .. M5 Computer Security
I tried several times, had to lock password-DB out of fear.
This bug/issue is not addressed by Firefox, claim KeePassXC team on their issue-tracker-logs.
I'm in a limbo, is Firefox breaching user privacy without their knowledge; what data is being transferred to remote servers by keepassxc-proxy?
Should I abandon Firefox; isn't it the most secure (or configurable) browser out there?
Should I change passwords of hundreds of accounts now?
I'm using AutoTyping where ever it's possible & often wished they had auto-type separately for Username & Password; you know for pages like firefox or google account logins.
cheers
In my case
Firefox 83
KeePassXC-Browser 1.7.3
Ubuntu 20.04 LTS
`keepassxc-proxy` makes tcp connections to remote servers over internet & transfers data(with 36+ KB/s speed) without user permission under Linux root privileges.
tcp 0 0 192.168.42.245:52470 117.18.237.29:80 ESTABLISHED 20559/keepassxc-pro
tcp 0 392 192.168.42.245:34738 209.216.230.240:443 ESTABLISHED 20225/keepassxc-pro
tcp 1 0 192.168.42.245:49194 172.67.146.206:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 1 0 192.168.42.245:53060 104.20.214.50:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 1 0 192.168.42.245:60362 172.67.153.104:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 25 0 192.168.42.245:39074 151.101.113.137:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 7890 0 192.168.42.245:34738 209.216.230.240:443 CLOSE_WAIT 20225/keepassxc-pro
simple ip2location domain :
104.20.214.50 .... CloudFlare Inc.
117.18.237.29 .... edgecast.com
151.101.113.137 .. fastly.com
172.67.146.206 ... CloudFlare Inc.
172.67.153.104 ... CloudFlare Inc.
209.216.230.240 .. M5 Computer Security
I tried several times, had to lock password-DB out of fear.
This bug/issue is not addressed by Firefox, claim KeePassXC team on their issue-tracker-logs.
I'm in a limbo, is Firefox breaching user privacy without their knowledge; what data is being transferred to remote servers by keepassxc-proxy?
Should I abandon Firefox; isn't it the most secure (or configurable) browser out there?
Should I change passwords of hundreds of accounts now?
I'm using AutoTyping where ever it's possible & often wished they had auto-type separately for Username & Password; you know for pages like firefox or google account logins.
cheers
Developer response
posted 5 years agoThis is not the first time the issues rises its head from the depths.
Here's the KeePassXC-Browser issue: https://github.com/keepassxreboot/keepassxc-browser/issues/100
And here's the Mozilla one: https://bugzilla.mozilla.org/show_bug.cgi?id=1463873
Again: this is a Firefox bug. If you look the connections keepassxc-proxy makes with Chromium-based browsers, you'll see none.
And to clarify: keepassxc-proxy does not make any connections. These are file descriptors that are leaking from the parent process (Firefox).
Here's the KeePassXC-Browser issue: https://github.com/keepassxreboot/keepassxc-browser/issues/100
And here's the Mozilla one: https://bugzilla.mozilla.org/show_bug.cgi?id=1463873
Again: this is a Firefox bug. If you look the connections keepassxc-proxy makes with Chromium-based browsers, you'll see none.
And to clarify: keepassxc-proxy does not make any connections. These are file descriptors that are leaking from the parent process (Firefox).
720 reviews
- Rated 5 out of 5by Thrillhouse, 15 days ago
- Rated 4 out of 5by Helkin, 21 days agoGreat extension, love this on my Fedora 43 computer.
I would have love to have this work on Bazitte with it’s firefox in a flatpak - Rated 1 out of 5by FartPie, 24 days agoCurrently completely broken with more restrictive privacy configurations due to a bug (#2672) that was reported over two months ago and patched over a month ago - and still not released.
I would have thought show stopping bugs would be worth a point release, but apparently not.Developer response
posted 23 days agoDear FartPie (love the nick btw), we've been collecting a bunch of various fixes and new features for the release, and it will be published soon. The bug you mentioned was not really high-priority, and not affecting many people so it didn't require a separate hotfix release. - Rated 5 out of 5by Davide, a month ago
- Rated 5 out of 5by ESM44, 2 months ago
- Rated 5 out of 5by Omar Kotb, 2 months ago
- Rated 5 out of 5by Firefox user 18499562, 2 months ago
- Rated 5 out of 5by Ender Dobra, 2 months ago
- Rated 5 out of 5by Lilith D. Bracken, 2 months agoKeePassXC-Browser is a great companion for the KeePassXC password manager. It makes filling in passwords and logging into sites quick and secure, without having to copy and paste manually. The integration is smooth, easy to use, and keeps your credentials safe. Perfect for anyone who wants strong password management right in the browser.
- Rated 1 out of 5by Firefox user 19484545, 3 months agoAll of a sudden the connection between the extension and the app has broken and the extension doesn't function in any useful way. I'm surmising it's something to do with an update to Firefox to version 143.0.
- Rated 5 out of 5by Tinto, 3 months ago
- Rated 5 out of 5by Aquiles Vaesa, 3 months ago
- Rated 5 out of 5by Firefox user 17451381, 3 months ago
- Rated 4 out of 5by late night traveler, 3 months agoAfter updating to 1.9.9.3, some sites (such as Reddit) can no longer detect the login field. I'm in trouble.
Developer response
posted 3 months agoThis happened because of better protections against clickjacking introduced in 1.9.9.3. The issue with e.g. Reddit is already fixed, and we are doing another release soon. Thanks :) - Rated 5 out of 5by vanoc, 3 months ago
- Rated 5 out of 5by Dfaure, 4 months ago
- Rated 5 out of 5by bunnie, 4 months ago
- Rated 5 out of 5by Vasilis, 5 months ago
- Rated 5 out of 5by Firefox user 19145735, 5 months ago
- Rated 5 out of 5by ForestFunk, 5 months ago
- Rated 5 out of 5by Firefox user 15206531, 5 months ago
- Rated 5 out of 5by lexer, 5 months ago
- Rated 5 out of 5by Firefox user 17152885, 5 months ago