Someone manages to maliciously sneak username and password fields onto a site that store what is entered as soon as it’s typed. They don’t even have to be visible to the user and bitwarden will fill them in as soon as the page loads.
Right, “maliciously sneak”, as in they’ve either gained access to make changes to the site ditectly, or they’ve found a way to inject their scripts to steal creds.
gaylord_fartmaster@lemmy.world 1 day ago
Someone manages to maliciously sneak username and password fields onto a site that store what is entered as soon as it’s typed. They don’t even have to be visible to the user and bitwarden will fill them in as soon as the page loads.
Serinus@lemmy.world 1 day ago
Bitwarden will only autofill if the domain matches.
gaylord_fartmaster@lemmy.world 1 day ago
Right, “maliciously sneak”, as in they’ve either gained access to make changes to the site ditectly, or they’ve found a way to inject their scripts to steal creds.
Serinus@lemmy.world 1 day ago
And how is that any different from not having a password manager?