Browser plugin question

Hello,
I just wonder if it is technically possible that a plugin or just a website is able to get access to the unlocked Bitwarden addon (e.g. in Safari or FF)?!
Well, I am sure it is not. It would be a huge problem, also for other password addons.
It it the browser making it secure (like sandboxing?) or the addon itself?
Is it better to lock the addon direct after opening and getting the password?
Greetings,
Claus

It is always possible if there is a determined hacker with the needed skills. FYI - I leave my BW logged in but locked when not in use. I am using a FF browser in Linux. However; one of the best and easiest solutions is to create a unique FF profile for those few accounts where you need BW to access accounts. Don’t know if you are familiar with FF profiles but each profile stores the activity and credentials in a UNIQUE location on your drive. Then I use other FF profiles for general surfing or reading around. Those profiles cannot access each other. So, in my case e.g. my bank online in the BW FF profile I trust therefore it is very safe to access. When I am reading around on a forum I never use this BW profile on FF. You can place icons on your desktop making it extremely easy to open each mission based profile.

Just trying to help. Most leave their BW logged in but locked, however many never consider how easy it is to protect their systems using unique profiles.

3 Likes