Strength:
• Open source. If you are not familiar with "open source", it means this add-on is more secure. Because its code is publicly available for review and contributions on GitHub at https://github.com/excitoon/MultiPassDisarmed
• Attractive WTFPL very permissive licence. This means the software code of this add-on app is owned and supported by a friendly not-for-profit community. Instead of a for-profit corporation. And more secure because its full code is publicly available for review
• Protects your privacy. No spyware. Because MultiPassDisarmed does not collect Google Analytics. Compare to MultiPass which does collect Google Analytics by default. Related ticket at https://github.com/krtek4/MultiPass/issues/46
• Regex support
• Export credentials to a JSON file
• Import credentials
• Easy to use

Challenge:
• Weak security. A not authorized person with access to your computer would be able to read anything stored using this add on. Such as HTTP Basic Authentication URLs, usernames, and passwords. Related ticket at https://github.com/excitoon/MultiPassDisarmed/issues/2

Using:
• Add-on version 0.74
• Firefox 52.8.0 (64-bit)
• Debian 8 Jessie 64-bit
• GNOME 3.14.1

Notes:
• Read more about analytics at https://en.wikipedia.org/wiki/Software_analytics
• Read more about spyware at https://en.wikipedia.org/wiki/Spyware