- Rated 1 out of 5by ReduxPL, 4 years agoDoes not support keyfile-only databases.
E: It's critical for me, I only use one database and for the sake of convenience I'm only using a keyfile for it. I'll be happy to turn the rating into 5 stars once it's fixed :)This issue is fixed in version 2018.9.23. Could you please update your review?
This can be added fairly easily. I'll take a stab at it this weekend. Are there other problems that lead you to leave a 1-star review, or is this just a really critical feature for you?
For future reference, feature requests are easy to add on https://github.com/subdavis/Tusk/issues/new
- Rated 2 out of 5by Firefox user 13482846, 4 years agoMust say, i tried really hard to make it works but still 401 error for no reason, also putting on cloud technology your datafile sounds a bit unwise.
Have potential to be great but UI needs big improvements to reach a larger publicThis problem has been resolved in version 2018.9.16. Could you take another look and update this review?
If there are other UI / usability issues, you're encouraged to submit an issue to ttps://github.com/subdavis/Tusk/issues -- Thanks.
- Rated 5 out of 5by Dany Paredes, 4 years agoThis add-on works perfect without issues with easy integration with KeePass databases, This is a great solution if you are trying to move from LastPass to KeepPass and want a web extension.
- Rated 5 out of 5by Anonymous user 0ecd3e, 4 years agoIt just works. Installation, import of database and access to passwords is easy.
Autofill works on most major sites that I have tested. However, autofill does not seem to work on the Mozilla Addons login page.
- Rated 3 out of 5by Firefox user 14169441, 4 years agoIt might be useful to let people know somehow that if you're using OneDrive (and likely a few of the other 'cloud' options as well), you have to create a sharable link before the database file will be recognized... I spent HOURS trying to figure out how to get the file to be detected... but everything I've found is always about Google Drive...
Well here, hopefully someone will see this!
The app itself is clunky but gets the job done. Its not very pleasing to look at when interacting with it either... But oh well, again it gets the job done. It gives zero feedback to if anything is working in terms of linking a database file... You just tick a slider, it'll ask for your permission, and then..... nothing.... you have no way to know if it worked. No error if it doesn't, and no 'success!' when it works. You just gotta click up there on that tiny icon and wonder 'is it working?'.
Well, if you don't see your database file instantly up there, then no, its not working. So go check to make sure you have a shareable link with full permissions on it.... otherwise it apparently will never show up...Hello! Thanks for the review, particularly the complaint about feedback after authorization.
For anyone reading, the part about needing to to create a sharable link is mostly incorrect. You shouldn't need to do anything for tusk to recognize your keepass database other than name it ending with .kdbx
However, the collective experience is that the OneDrive API is very unreliable, to the point that I am considering removing support for OneDrive. Here's what happened:
Tusk: Hey OneDrive, do you have any files with with the extension kdbx?
* you shuffled some options around, inadvertently causing OneDrive to discover the file. It should have worked the first time.*
Tusk: Hey OneDrive, how about now?
OneDrive: Yes! Here they are.
I'll make a note of this, since apparently creating a sharable link causes stale indexes to get updated or something like that. Thanks again.
- Rated 5 out of 5by Firefox user 14092311, 4 years agoI'm giving it 5 stars, but with two minor crits.
One: you don't include sync.com as one of your cloud providers, which, given that they're probably one of the most secure options available (even they can't access your data) is a shame. I keep my kdbx file in my sync box, but I was still able to add it as a valid option by using the "local file" option. (Like most cloud options, they provide local file access).
And, having added that and my keyfiles, and entered the master password, I duly went hunting for a trial site to test it on. This is where you scored big time. I have been a Keefox user for a couple of years. Up until firefox went quantum and keefox went bananas and ditched the most important functionality in their plugin. I refer to the ability to use the extension simultaneously as bookmark database AND autofill ("Find and Fill" functionality).
If I want to login to one of my email accounts, I just want to type in email and get a reasonably short list of contenders, click on the one that matters, get taken to its login page and have the username and password fields completed automatically. Keefox stopped doing that and made it clear that they weren't even going to try to find a way to do it which would be compatible with the new Firefox environment. Their ludicrous suggestion was that I bookmark the relevant password protected sites. (I have over 800)
But you've done it. And what you've sacrificed to make that possible is entirely rational and makes much more sense than what they've done.
Setting up the username and password for an account is something you (generally) only do once for a given account. But you might visit that account thousands of times. Which would you rather lose - the automatic capture of credentials (a one off) or the automatic "find and fill" option which you'll need forever? It's a bleedin nobrainer!
The second criticism actually cost you a star, until I figured out my mistake and edited this review. You need to make the "remember" option slightly more obviously relevant to the PASSWORD DATABASE. I looked at it and ignored it, (assumed it was site specific instead of relating to the password file) after "find and fill" on my first test site. Went to another and the sodding password file was locked. That was because I'd left the "remember option" on "don't remember" instead of my preference (remember until browser exit).
Otherwise thumbs up
2 observations after a couple of days using it:
1 Displaying the Keyfile name is almost as bad as displaying the password in plaintext. Strongly suggest you hide that.
2 Can we have a way to store preferences (like the "Remember" option above)Hey there! There's a lot here to respond to, but I'm going to try.
1. Sync.com is completely impossible to support. They provide no developer APIs or authentication. It's a shame, but no amount of effort on my behalf will make sync.com work.
2. Making the remember password meaning more obvious is definitely a goal. Actually, a lot of the controls in Tusk need better explanation. I'm pretty much out of space to put anything else on that line, but a hover dialog or something in the wiki is needed... I agree with you there.
3. I disagree that showing the keyfile name is bad. KeeWeb, KeePassXC, and KeePass2Android all do this. The keyfile doesn't provide security by being "obscure", i.e. a secret file on your computer. It provides a second factor of security. You combine "something you know" (master password) with "something you have" (a keyfile) to get strong encryption. Google "security through obscurity" for a great discussion on this topic.
4. Do you mean exporting settings so you can move them between browsers? This would be a great feature, but right now there aren't very many settings to keep track of, so it isn't much of a burden to get set up how you want it. As the settings complexity grows, I imagine this will happen.
Thanks for the detailed feedback and review!
- Rated 5 out of 5by RomanK., 4 years agoI moved from Chrome to Firefox and looked for keepass-less solution for on Firefox similar to CKP on Chrome.
Tusk just filled CKP's boots perfectly.
Maybe only one feature could be improved is to able keepass key file from cloud and not locally, but that is not critical for me as long as is database is available online.
In ideal world to be able to edit database, but that is also great for me as read only.
For me it was last and completing step from migrating from Chrome to Firefox, TY!!!
- Rated 4 out of 5by Oliver Rahner, 5 years agoI've been using Kee for some months now but the implementation seems somewhat hacky, plus I had to have Keepass always open. When I read the description I loved the idea of direct cloud service connection and having WebDAV really is the swiss army knife interface to almost all self hosted services.
I really miss auto-fill-in (without any manual intervention) and one-click credential adding to the database though... IMHO no Keepass based plugin reaches the level of perfection of LastPass there...
EDIT: Sorry, read-only functionality is clearly stated... While I understand the impliciations for security, from my perspective the balance between security and usability is off here... updated to 4/5
Developer responseposted 5 years agoThanks for the feedback. While these features are convenient for the user, they compromise the security of your extension and your personal security. Moreover, Tusk is documented as read-only and does not indicate that it is able to edit your database.
- Rated 4 out of 5by Firefox user 14042029, 5 years ago4 star but it will become 5 star if only i can use it...
Indeed to have a better security level my keepass database is saved in the cloud but it has'nt any extension (instead of the usual .kdbx); in that way non one can link the file to Keepass.
Tusk don't love this setup because don't recognize the file.
I don't think it will be a big problem to allow the manual selection of database file......
...so 5 stars can be incoming ;-)
Developer responseposted 5 years agoHey there! Thanks for your review. For anyone reading in the future, I want to clarify that saving your keepass database with a different file extension to "hide" it doesn't increase your security and is actually kind of pointless. The reason is that while file "extensions" are a convenient way for the operating system to identify types of files, they are actually betrayed by their "magic numbers".
Because of the way every cloud storage provider implements their API, Tusk would need to be redesigned with a "file picker" rather than looking for kdbx extensions. This isn't something I'm likely to do.