@DK1 Could you do the test that I had suggested? It will take 5 seconds:
i already removed bitwarden from chrome on all profiles. I am just using the desktop version for now.
I do appreciate your input and spending time on this but its just âoddâ to just leave it be.
as a note: all profiles have the exact same extensions, nothing is configured out of the ordinary (meaning how it installed it is how it is configured). I dont use chrome sync, ever.
I love BW on my IOS devices so it wonât quickly vanish from usage but for now, not inside my browsers on my PC/
You are, of course, free to do that. But in doing so, you are losing both the convenience that autofill offers and the defense it offers against look-alike sites (because autofill will fail).
Seems an unlikely trade-off, given that the new permission (âdisplay notificationsâ) is an inherent capability of an installed desktop app. And the request has been confirmed as authentic in this forum by a Bitwarden employee.
By my risk-calculus (everyoneâs is different), losing the defenses autofill offers seems like the bigger risk than Bitwarden potentially throwing annoying alerts in my face.
The only thing âoddâ is your reaction (although, as @DenBesten already noted: to each their own). Why does the requested permission to display notifications bother you, but you were apparently OK with using the browser extension while it âonlyâ had permissions to:
- Read your browsing history
- Read and modify data you copy and paste
- Communicate with cooperating native applications
The new permission (displaying notifications) has none of the potential privacy or security implications of the permissions that you previously granted, so it does not make sense to me why you ever installed the Bitwarden browser extensions (if a request to permit display of notifications was enough to make you uninstall the extensions).
Even if youâre assuming the worst, and believe that Bitwarden is going to use the new browser extension permissions to perhaps serve up spam advertising, why not wait until you see the actual notifications being displayed before deciding that this is not for you?
There are plenty of popular feature requests for useful functionality that would require the browser to have permissions to display notifications. For example, users have requested implementation of features such as toast notifications to identify which account is being autofilled, notifications of pending Emergency Access requests, notifications of master password compromise or other suspicious activity, and other types of push notifications. Is your opinion that no such features should be developed, because it is more important to refuse giving the browser extension permission to display notifications?