Vault-less browser extension, for maximum security

The problem

In this thread, I’m questioning the entire behaviour of the browser extension.

I think of the browser as the first line of attack, and so I have no trust in it.

When opening the vault from the extension… the entire vault is there, readily available.
Everything is possible: reading all passwords from all accounts is an easy task.

Why is that so?
I think the extension should not have full access to the full vault.

Feature idea

Let’s imagine an alternative behaviour for the browser extension:

  1. Cold start: the extension connects to the desktop app.
    It requests a limited copy of the vault that does not contain passwords.
    (only usernames + URIs)
  2. When auto-filling: the extension asks the desktop app for access to this specific set of credentials.
  3. Confirmation: the desktop app shows a confirmation popup:
    “The browser {Chrome} wants access to your {website.com} password. [YES] [NO]”
  4. When approving: the desktop app transmits ONLY the requested password/otp, and nothing else.

Advantages

  • Full control over which passwords are allowed to get out of the vault, and when.
  • Mostly safe vault, even if the browser is compromised.
  • Easy login, no need to have the master password anywhere near the browser.
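
The four steps proposed above, sketched from the desktop app's side as an added example that is not part of the original post and not code from any existing password manager. The class, field and message names are hypothetical, the vault entries are constructed, and the confirmation popup is simulated by a callback.

```javascript
// Added sketch of the desktop-app side; class, field and message names are hypothetical.
class VaultBroker {
  // confirm(text) stands in for the desktop [YES]/[NO] popup and returns a boolean
  // (synchronous here; a real popup would be asynchronous).
  constructor(entries, confirm) {
    this.entries = new Map(entries.map((e) => [e.id, e])); // full vault never leaves this object
    this.confirm = confirm;
  }

  // Step 1: the limited copy sent at cold start (usernames + URIs, no secrets).
  limitedCopy() {
    return [...this.entries.values()].map(({ id, username, uri }) => ({ id, username, uri }));
  }

  // Steps 2-4: one entry, one field, released only after the user approves.
  handleRequest({ browser, id, field }) {
    const entry = this.entries.get(id);
    if (!entry || !["password", "otp"].includes(field) || entry[field] === undefined) {
      return { ok: false, reason: "bad-request" }; // rejected without prompting
    }
    const site = new URL(entry.uri).hostname;
    const approved = this.confirm(`The browser ${browser} wants access to your ${site} ${field}.`);
    if (!approved) return { ok: false, reason: "denied" };
    return { ok: true, id, field, value: entry[field] }; // ONLY the requested secret
  }
}

// Constructed sample vault (values are made up).
const SAMPLE_VAULT = [
  { id: "e1", username: "alice", uri: "https://website.com/login", password: "constructed-pw-1", otp: "000000" },
  { id: "e2", username: "alice@example.org", uri: "https://bank.example/", password: "constructed-pw-2" },
];

function demo() {
  const prompts = [];
  // Simulated user: approves website.com, refuses everything else.
  const broker = new VaultBroker(SAMPLE_VAULT, (text) => {
    prompts.push(text);
    return text.includes("website.com");
  });
  return {
    index: broker.limitedCopy(),
    granted: broker.handleRequest({ browser: "Chrome", id: "e1", field: "password" }),
    refused: broker.handleRequest({ browser: "Chrome", id: "e2", field: "password" }),
    invalid: broker.handleRequest({ browser: "Chrome", id: "e2", field: "uri" }),
    prompts,
  };
}

console.log(JSON.stringify(demo(), null, 2));
```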