Recenzje dodatku KeePassXC-Browser
KeePassXC-Browser Autor: KeePassXC Team
Autor recenzji: aWalker
Ocena: 2/5
It's really a convenience to use this add-on with KeePassXC. But, there been an issue that has been raised several months back :
In my case
Firefox 83
KeePassXC-Browser 1.7.3
Ubuntu 20.04 LTS
`keepassxc-proxy` makes tcp connections to remote servers over internet & transfers data(with 36+ KB/s speed) without user permission under Linux root privileges.
tcp 0 0 192.168.42.245:52470 117.18.237.29:80 ESTABLISHED 20559/keepassxc-pro
tcp 0 392 192.168.42.245:34738 209.216.230.240:443 ESTABLISHED 20225/keepassxc-pro
tcp 1 0 192.168.42.245:49194 172.67.146.206:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 1 0 192.168.42.245:53060 104.20.214.50:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 1 0 192.168.42.245:60362 172.67.153.104:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 25 0 192.168.42.245:39074 151.101.113.137:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 7890 0 192.168.42.245:34738 209.216.230.240:443 CLOSE_WAIT 20225/keepassxc-pro
simple ip2location domain :
104.20.214.50 .... CloudFlare Inc.
117.18.237.29 .... edgecast.com
151.101.113.137 .. fastly.com
172.67.146.206 ... CloudFlare Inc.
172.67.153.104 ... CloudFlare Inc.
209.216.230.240 .. M5 Computer Security
I tried several times, had to lock password-DB out of fear.
This bug/issue is not addressed by Firefox, claim KeePassXC team on their issue-tracker-logs.
I'm in a limbo, is Firefox breaching user privacy without their knowledge; what data is being transferred to remote servers by keepassxc-proxy?
Should I abandon Firefox; isn't it the most secure (or configurable) browser out there?
Should I change passwords of hundreds of accounts now?
I'm using AutoTyping where ever it's possible & often wished they had auto-type separately for Username & Password; you know for pages like firefox or google account logins.
cheers
In my case
Firefox 83
KeePassXC-Browser 1.7.3
Ubuntu 20.04 LTS
`keepassxc-proxy` makes tcp connections to remote servers over internet & transfers data(with 36+ KB/s speed) without user permission under Linux root privileges.
tcp 0 0 192.168.42.245:52470 117.18.237.29:80 ESTABLISHED 20559/keepassxc-pro
tcp 0 392 192.168.42.245:34738 209.216.230.240:443 ESTABLISHED 20225/keepassxc-pro
tcp 1 0 192.168.42.245:49194 172.67.146.206:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 1 0 192.168.42.245:53060 104.20.214.50:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 1 0 192.168.42.245:60362 172.67.153.104:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 25 0 192.168.42.245:39074 151.101.113.137:443 CLOSE_WAIT 20225/keepassxc-pro
tcp 7890 0 192.168.42.245:34738 209.216.230.240:443 CLOSE_WAIT 20225/keepassxc-pro
simple ip2location domain :
104.20.214.50 .... CloudFlare Inc.
117.18.237.29 .... edgecast.com
151.101.113.137 .. fastly.com
172.67.146.206 ... CloudFlare Inc.
172.67.153.104 ... CloudFlare Inc.
209.216.230.240 .. M5 Computer Security
I tried several times, had to lock password-DB out of fear.
This bug/issue is not addressed by Firefox, claim KeePassXC team on their issue-tracker-logs.
I'm in a limbo, is Firefox breaching user privacy without their knowledge; what data is being transferred to remote servers by keepassxc-proxy?
Should I abandon Firefox; isn't it the most secure (or configurable) browser out there?
Should I change passwords of hundreds of accounts now?
I'm using AutoTyping where ever it's possible & often wished they had auto-type separately for Username & Password; you know for pages like firefox or google account logins.
cheers
Odpowiedź autora
Data: 2 lata temuThis is not the first time the issues rises its head from the depths.
Here's the KeePassXC-Browser issue: https://github.com/keepassxreboot/keepassxc-browser/issues/100
And here's the Mozilla one: https://bugzilla.mozilla.org/show_bug.cgi?id=1463873
Again: this is a Firefox bug. If you look the connections keepassxc-proxy makes with Chromium-based browsers, you'll see none.
And to clarify: keepassxc-proxy does not make any connections. These are file descriptors that are leaking from the parent process (Firefox).
Here's the KeePassXC-Browser issue: https://github.com/keepassxreboot/keepassxc-browser/issues/100
And here's the Mozilla one: https://bugzilla.mozilla.org/show_bug.cgi?id=1463873
Again: this is a Firefox bug. If you look the connections keepassxc-proxy makes with Chromium-based browsers, you'll see none.
And to clarify: keepassxc-proxy does not make any connections. These are file descriptors that are leaking from the parent process (Firefox).
449 recenzji
- Autor: Brad, 2 dni temuOcena: 3/5Rough around the edges. While largely functional, I routinely run into these two problems.
1) Firefox often reports that this extension is slowing down my browser and gives me a button to stop it (my browser feels locked up for 5-10 seconds when this occurs.)
2) Sometimes the extension auto fills on the browser, and sometimes I get this little red question mark on the extension icon, I have to click on that, then select it to auto form fill. I can't figure out why this happens or how to disable it.
The good news is that the entire system is great for working with yubikeys, which I love for serverless password store security. - Autor: Firefox user 15166984, 16 dni temuOcena: 5/5Every day I get "Key exchange not successful" which forces me to restart the PC to get it working but apart from that, great tool.
I just keep the Keepass app open now and no more issues. The database locks with Windows.Odpowiedź autora
Data: 15 dni temuJust using the Reload button from extension popup should do it, and reconnect to KeePassXC if it's started after the browser. There should be no need to restart the whole PC. - Autor: anon, 18 dni temuOcena: 5/5
- Autor: bantamtabak, 25 dni temuOcena: 5/5Finally the password manager I have been looking for so long.
Top. Keep it up. - Autor: Firefox user 15078714, miesiąc temuOcena: 1/5浏览器点击更新密码会导致软件卡死,只能任务管理器结束运行,也是醉了,几个月的bug了!就是没人管
Odpowiedź autora
Data: miesiąc temu做一个更详细的错误报告:https://github.com/keepassxreboot/keepassxc-browser/issues - Autor: Firefox user 13421169, miesiąc temuOcena: 5/5
- Autor: Firefox user 14535942, miesiąc temuOcena: 5/5
- Autor: DivaSan, miesiąc temuOcena: 1/5Firefox browser plugin does not work anymore since I have updated to 2.7.1. On another PC with version 2.6.2 this plugin works fine. Please help.
- Autor: TecSAR, miesiąc temuOcena: 5/5
- Autor: Firefox user 13417922, miesiąc temuOcena: 4/5
- Autor: Orko, miesiąc temuOcena: 5/5
- Autor: Firefox user 17416689, 2 miesiące temuOcena: 3/5With respect to functionality the add-on works generally very well. Unfortunately, even with newest versions of Firefox, listing open port connections still shows several open connections from the keepassxc-proxy add-on to sites like googleusercontent.com, cloudfront.net, amazonaws.com and akamaitechnologies.com. Developers claim that this is a bug in Firefox beyond their control, however, the open ports are reported specifically for the keepassxc-proxy process, not for the parent firefox process. This behaviour is not particularly trust inducing.
Odpowiedź autora
Data: 2 miesiące temuThis is not the first time this issue is mentioned. And still, it is a Firefox issue. Native Messaging launches a child process from the browser, and for some reason Firefox also copies the socket handles to the child process. Because of this the proxy shows connections to locations it doesn't have an access to. Some of the handles can be connections that are already terminated. The only thing the proxy does is listening for stdin and connecting to a local Unix socket by KeePassXC. Anyone can take a look at the source code and verify this, or compile a build manually where the problem still exists. - Autor: Luciano Taurino, 2 miesiące temuOcena: 3/5very useful extension, works perfectly on every Operating System allowing a smooth browsing keeping safe my passwords
unfortunately, it doesn't works on Firefox snap version (nowadays snap is default on Ubuntu) - Autor: acaminiti, 2 miesiące temuOcena: 1/5
- Autor: DiscombobulaTED, 2 miesiące temuOcena: 5/5
- Autor: Ankit, 2 miesiące temuOcena: 4/5The extension should be able to detect urls even if the database is locked. When it detects it should ask the user to unlock the database to fill the username and password. Currently I have to unlock the database even for matching the urls.
Some of the website it doesn't detect username or password fieldsOdpowiedź autora
Data: 2 miesiące temuIt does detect URL's even when database is locked. If you click the username icon on the login field, KeePassXC will come front and asks you to unlock. After that a credential fill is done automatically. This applies if default settings are used. - Autor: Firefox user 12370795, 3 miesiące temuOcena: 1/5I had the same problem, as every body else concerning the fact that, KeePassXC-Browser add-on was NOT connecting anymore with the app (database). I just downgraded the app to version 2.7.0 and now it's working fine again.
UPDATE (2 month after)
Username/password entries have mysteriously disappeared from my database, so I'm uninstalling KeePassXC and it's FF extension.Odpowiedź autora
Data: 3 miesiące temuThere should be no changes between 2.7.0 and 2.7.1 concerning the browser integration. But of course we are investigating the possible issue. - Autor: Daniel, 3 miesiące temuOcena: 1/5Though the plugin is connected with the database it doesn't work correctly. It provides no credentials, no matther which website i'm using.
Odpowiedź autora
Data: 3 miesiące temuUsually the issue is with the entry URL's. The simpler URL, the more it matches. It's not suggested to use full URL's with path, variables etc. included. Just use addresses like https://example.com, https://subdomain.example.com or https://example.com/login.
If you cannot solve the problem, contact us on GitHub and make a new issue with details provided, thanks. - Autor: Kraig, 3 miesiące temuOcena: 1/5Would not fill in any sites that I went to. There seems to be a disconnect somewhere between the extension and KeePassXC. I like the idea of KeePass, but I need a way to use it with my browser. I see lots of people have this issue. Please fix.
Odpowiedź autora
Data: 3 miesiące temuUsually the issue is with the entry URL's. The simpler URL, the more it matches. It's not suggested to use full URL's with path, variables etc. included. Just use addresses like https://example.com, https://subdomain.example.com or https://example.com/login.
If you cannot solve the problem, contact us on GitHub and make a new issue with details provided, thanks. - Autor: gmanore, 3 miesiące temuOcena: 5/5
- Autor: Pjtak, 3 miesiące temuOcena: 5/5
- Autor: Firefox user 15997435, 3 miesiące temuOcena: 5/5