Someone manages to maliciously sneak username and password fields onto a site that store what is entered as soon as it’s typed. They don’t even have to be visible to the user and bitwarden will fill them in as soon as the page loads.
Right, “maliciously sneak”, as in they’ve either gained access to make changes to the site ditectly, or they’ve found a way to inject their scripts to steal creds.
gaylord_fartmaster@lemmy.world 2 months ago
Someone manages to maliciously sneak username and password fields onto a site that store what is entered as soon as it’s typed. They don’t even have to be visible to the user and bitwarden will fill them in as soon as the page loads.
Serinus@lemmy.world 2 months ago
Bitwarden will only autofill if the domain matches.
gaylord_fartmaster@lemmy.world 2 months ago
Right, “maliciously sneak”, as in they’ve either gained access to make changes to the site ditectly, or they’ve found a way to inject their scripts to steal creds.
Serinus@lemmy.world 2 months ago
And how is that any different from not having a password manager?