I really like the autofill option of the extension, but in my opinion it lacks a little of security. Currently, for comfort reason, I unlocked my vault until I close the browser, because otherwise I would have to move the mouse to the chrome extension icon, click, enter password, click the corresponding item and move the mouse to the submit button and click it.
Maybe it sounds a little stupid, but at least for me it is pretty annoying to move the mouse and my eyes. Also, with increasing screen size, the way between the login form and the extension also might increase.
To improve this process, I can imagine of three steps that build up on each other:
(0. The vault is by defaut locked)
- When the focus is on a login field (username- or password-field) the login mask to unlock the vault opens automatically
- Clicking on a button on an item in the vault first fills the login data into the login form, then triggers the submit-button
- The extension popup is pretty nice, but it requires to move the mouse to the extension and back. To reduce this, I can imagine of something like this:
When the focus hits a username or password field in the login form, the extension displays a lightbox directly nearby the form. After entering the masterpassword, you can easily choose with mouse or keyboard the correct item, hit enter (or click on it) and the extension continues with 2. If you want to add or modify an entry, you can still do this with the extension, but in practice you have to login much more, than adding or modifying an item.
With these steps enabled, security would increase, with just a little more effort