Reviews for KeePassXC-Browser
KeePassXC-Browser by KeePassXC Team
40 reviews
- Rated 3 out of 5by Firefox user 13746947, 2 months agoIt works nicely, the only real issue I have, is even when setting redirects to infinite, the prompt to save a username and password still gets tossed out after the redirects happen. It simply does not work on most sites these days. So I have to resort to saving generated passwords and entries into notepad and manually inputting everything before creating a new account or changing by password.
The other issue is, most fields will not accept the a newly generated password when using the Password Generator + Apply function (I am not making a mistake and just using a password generator from the application, I am correctly right clicking on the field and using the generate password option).
If these two issues could be rectified, then this thing would be flawless. - Rated 3 out of 5by Firefox user 17339709, 5 months ago
- Rated 3 out of 5by Gongloss, 7 months agoBasically broken, like, apparently, all third-party password extensions.
Often doesn't find passwords for sites. Tells you every single time that you've updated the password and asks if you want to resave it, so you have no way to tell if the password has actually changed. It always says it has, whether it has or it hasn't.
Can't find TOTP codes even when they're in Keepass, you have to go copy them by hand.
All-around seems like a half-finished, "beta" release that is almost ready for use, but not quite.
It is extremely nerve-wracking to constantly be told the password has changed, and have to stop and think about whether it has and whether you want to save it, every single time you log into a site. Worse, you can only see this before you have logged in, before you know if the login was any good... it disappears as soon as you're in.
So, basically, it keeps you on your toes, always keeps you guessing and uncertain about what's going on... exactly what you DON'T EVER WANT A PASSWORD MANAGER TO DO.
Extremely disappointing.
EDIT: Response to the developer's comment below: The user guide, which is one mammoth long page from a page 2 or 3 levels deep on the website, contains one instance each of the phrases "new password" and "banner", neither telling me anything about how to fix this. I searched for the word "changed" too, that doesn't appear anywhere in the document at all.
Also, when you do need to use that banner, the buttons don't do anything. Click them, they sit there. Did they work? Did they not? Did anything get saved? No way to know.
I truly hate to criticize a FOSS project but this is really just awful design, to the point I don't trust this thing. If I don't know when passwords are new or not, or whether it's saving them or not, and I have to scour a huge 12,000 word single-page wall of text that doesn't turn up the information I need even when I search it for the specific terms the developer told the manual would instruct me on, so I can't find the new password banner settings by searching for "new password" or "banner" then, sorry, I have to nope out on it. I'm just not reading a 12,000 word manual to figure out how to use a password manager.
Just for fun, I printed the gargantuan "manual" page to a PDF. It's a single page that's 49 pages long when printed. That's what I'm expected to have read just to figure out how to get a password manager to work. That's not a user manual, it's a novella.
I scrolled slowly through the eldritch document's 78 different screenshots to see if there was one of the banner in question, to maybe tip me off where its behavior is documented. If there is one, I could not find it.
I did find the section on the browser integration plugin and read it through carefully, twice. It says nothing about that banner, or how to understand it, or get it to work in a way that seems to make sense. I'll limp along with copying and pasting codes from KeepassXC for TOTP since there's no way I'm going back to Authy or using Google Auth, but for passwords, I've had to go back to the limitations of just using Firefox's built-in password manager. I'd hoped for a better solution than that, but... :-\Developer response
posted 7 months agoIf a password is always offered to a site, or it doesn't find your passwords, your entry URL is probably incorrect. Use the simplest possible form of the URL, for example https://example.com.
Users can modify the settings how the new password created banner is displayed. Reading the User Guide is highly recommended. - Rated 3 out of 5by Jürgen1, a year ago
- Rated 3 out of 5by Firefox user 17981047, a year ago
- Rated 3 out of 5by Matte Eldon, a year ago
- Rated 3 out of 5by Firefox user 17800756, 2 years agoUnter Windows 11 bekomme ich die Erweiterung nicht mit einer bestehenden KEEPASSXC-Instanz gekoppelt. Bei WIndows 10 ohne Probleme mit den gleichen Schritten.
Warum ?? - Rated 3 out of 5by Firefox user 14565033, 2 years ago
- Rated 3 out of 5by ha3flt, 2 years agoIt would be fair to mention everywhere the well-known problem with snaps on Ubuntu that dramatically cripples the usability of this otherwise great software. Ubuntu is just the largest Linux distribution by far, and you've lost it...
As I said some years ago, you need an alternative way of communication. Shouldn't be so hard, Mozilla Docs says you can use sockets to communicate with local applications (by Native messaging). It's presumably just plain TCP/IP. Even password managers are mentioned as examples...
Time has come - already in 2021 but I postponed the upgrade so far -, and there is no apt-based version of FireFox as a second choice anymore in Ubuntu, only the Snap Store-based, so we are doomed. I will not go backward installing a browser from a place out of the Ubuntu's own ecosystem. Thank you.
---
My response to your response:
Thank you, but an alternative means an alternative. If not the Native Messaging then an encrypted file or similar would have been developed as a way of communication. We talk about years... No way that a FireFox extension can't and couldn't communicate with the outer world.
But as I'm reading here, see the link below that is really easy to find, no doubt, the problem not handling the Native Messaging correctly is in the browsers themselves, and it is already _solved_ after some years in FireFox (in 105..108 betas so far), KeePassXC is working (!) in the tests, I'm about to try it soon. So you are also not informed well enough for some reason...
https://forum.snapcraft.io/t/call-for-testing-native-messaging-support-in-the-firefox-snap/31055/36
It is only in the Beta channel until the next version of FireFox, probably since it is a fresh development from this summer, but it is OK to me because there is a snap of every FireFox beta as well in Ubuntu, and I can install it in parallel to the non-beta version for now if I want.
As I told you, Ubuntu decided sometimes earlier to go with only the snap version of browsers and even if I'm not hundred percent sure it is the best way to go forward, I will not install the less safe and unsupported apt version of browsers again.Developer response
posted 2 years agoThe problem here is with Ubuntu Snaps, not with our extension. And the problem is.. with the Native Messaging support. Other extensions are affected too. At this point Ubuntu 22.10 should already support our extension with Firefox as Snap. You can find the info easily. It's also possible to install apt version of Firefox.
We have been using Native Messaging with the extension since the development started in 2016-2017. - Rated 3 out of 5by aa357, 2 years agoCan you please tell me how to make it apply passwords to both password fields? Currently when I click on generate password on a password field it applies a password only on that field and when I click on generate password on the second field it a different password. Also when pressing on the add-on it just says "redetect password fields" which is why I have to do each field like described above.
Developer response
posted 2 years agoPlease make a new issue to GitHub with details (what page are you using etc.), thanks. - Rated 3 out of 5by rodnet, 2 years ago
- Rated 3 out of 5by heheich, 2 years agoHello. In the "Connected Databases" menu, I try to delete them, but they are not deleted. If they can't be deleted, what is the Delete button for? I click on it but nothing happens
Something I'm afraid for the safety of my data, my databases do not remain with anyone if they cannot be deleted? - Rated 3 out of 5by Brad, 2 years agoRough around the edges. While largely functional, I routinely run into these two problems.
1) Firefox often reports that this extension is slowing down my browser and gives me a button to stop it (my browser feels locked up for 5-10 seconds when this occurs.)
2) Sometimes the extension auto fills on the browser, and sometimes I get this little red question mark on the extension icon, I have to click on that, then select it to auto form fill. I can't figure out why this happens or how to disable it.
The good news is that the entire system is great for working with yubikeys, which I love for serverless password store security. - Rated 3 out of 5by Firefox user 17416689, 2 years agoWith respect to functionality the add-on works generally very well. Unfortunately, even with newest versions of Firefox, listing open port connections still shows several open connections from the keepassxc-proxy add-on to sites like googleusercontent.com, cloudfront.net, amazonaws.com and akamaitechnologies.com. Developers claim that this is a bug in Firefox beyond their control, however, the open ports are reported specifically for the keepassxc-proxy process, not for the parent firefox process. This behaviour is not particularly trust inducing.
Developer response
posted 2 years agoThis is not the first time this issue is mentioned. And still, it is a Firefox issue. Native Messaging launches a child process from the browser, and for some reason Firefox also copies the socket handles to the child process. Because of this the proxy shows connections to locations it doesn't have an access to. Some of the handles can be connections that are already terminated. The only thing the proxy does is listening for stdin and connecting to a local Unix socket by KeePassXC. Anyone can take a look at the source code and verify this, or compile a build manually where the problem still exists. - Rated 3 out of 5by Luciano Taurino, 2 years agovery useful extension, works perfectly on every Operating System allowing a smooth browsing keeping safe my passwords
unfortunately, it doesn't works on Firefox snap version (nowadays snap is default on Ubuntu) - Rated 3 out of 5by Caleb, 3 years agoWorks great on most websites, but really struggles on others. I can't get it to work at all on Twitter, Reddit or iCloud.
- Rated 3 out of 5by dhananjay, 3 years agoNot as smooth as expected. connection to application is not opened sometimes and had to click on icon to establish it. "your password has changed" prompt comes even if it has not been changed. also saving new password is a miss more times that it is a hit. you just have to hope that banner will appear. Most of time I manually go and add the password as a entry.
- Rated 3 out of 5by Firefox user 15536911, 3 years agoDoesn't work in Ubuntu 21.10 out-of-the-box. You have to uninstall the default snap version of firefox and then install the host version. Would be nice if this was in the documentation.
- Rated 3 out of 5by Firefox user 13658959, 3 years agoDefinitely a little buggy, unlike the main app. Once had an issue where the banner for updating an entry showed up despite the credentials not differing, the banner failed to appear on the next page despite being set to appear after infinite redirects, then on my next login on a different website I was notified that my database had changed despite me not interacting with the banner or database, I said to discard changes, after which the main app froze. Restarting the app usually fixes things, and when the extension works it works well.
- Rated 3 out of 5by michelbling, 3 years ago
- Rated 3 out of 5by Firefox user 16781362, 4 years agoWorks only for a part of sites. For all others just can't fill in credentials. Also when creating a new account a pop-up bar displayed to store new data. But click in it produces error "can't save credentials". Meanwhile the database is connected and unlocked.
So I decide the plugin to be quite buggy. - Rated 3 out of 5by Firefox user 13543214, 4 years agoWould love official support for Waterfox on Windows. Unfortunately the Custom Browser feature seems to be MacOS and Linux only for now.
Developer response
posted 4 years agoYou can use Waterfox with the new Custom Browser feature. You'll just need to add the Native Messaging script folder path to the settings. - Rated 3 out of 5by Firefox user 15535259, 5 years agoВиснут некоторые сайты из-за этого дполнения. Не всегда находит пароли
- Rated 3 out of 5by Firefox user 15304175, 5 years agoFor the most part, this functions ok and I'm able to use it. Unfortunately, for some sites (such as https://cards.barclaycardus.com/) it just doesn't seem to detect the un/pw fields even after I manually select them. Barclay's site is particularly strange. When I "choose custom login fields" I get two of the "overlays" for choosing fields. I have issues on Community America Credit Union's site as well, which might have something to do with the fact that the login form "pops open" when you click in the username field. I haven't really had any issues connecting to my KP database, mostly just issues with the auto-fill/field detection. Thanks for the all the hard work though, I appreciate it. I'm sure over time these kinks will get ironed out.
EDIT: PopOS! 18.04 (so ubuntu 18.04) & Firefox 69.0.1Developer response
posted 5 years agoIf you change your entry URL to https://barclaycardus.com/ the login iframe will be detected correctly if you fill the credentials manually from keyboard shortcut or from the context menu. CACU site didn't have any problems with the latest release, even if the login form pops open. - Rated 3 out of 5by Orion, 5 years agoNice extension but it may take some time to understand how it works and some sites become extremelly slow because of it, in my case it is Jenkins (configuration pages, plugins page).
Also, it lacks some features:
- save extra fields, like account name/number, etc (e.g. AWS)
- it does not populate login and password on some sites, although it can save them (e.g. Sonatype Nexus)