- Utilize the Optional Permissions on Firefox/Chrome
- It will make it so the Bitwarden extension can’t exchange messages with programs for users that won’t benefit from granting Bitwarden this permission, such as those that haven’t installed the app.
Agreed, won’t update the extension until a fix is released. If it stops working, well, time to switch to the competitor once more…
Very much agree with this. Forcing communication with other apps is somewhat against the grain of an open source security & privacy focused piece of software. Me personally? I’ll leave it enabled to take advantage of Touch ID. (My understanding is that Touch ID is the benefit of enabling this?)
That being said, I only have Touch ID on one computer. I don’t have it on other computers where I have Bitwarden installed. In those instances I would rather disable it to reduce the threat surface.
Thank you to Seth for bringing forward this feature request.
We’re looking into a way to make the permission optional. It is documented that it is not possible to make
nativeMessaging an optional permission with web extension APIs (which is originally why it was released like this), however, upon further trial, it appears we still can in Chromium browsers. However, Firefox still does not allow it to be optional so it would have to be left global there.