Reviews for KeePassXC-Browser
KeePassXC-Browser by KeePassXC Team
Review by Gongloss
Rated 3 out of 5
by Gongloss, 9 months agoBasically broken, like, apparently, all third-party password extensions.
Often doesn't find passwords for sites. Tells you every single time that you've updated the password and asks if you want to resave it, so you have no way to tell if the password has actually changed. It always says it has, whether it has or it hasn't.
Can't find TOTP codes even when they're in Keepass, you have to go copy them by hand.
All-around seems like a half-finished, "beta" release that is almost ready for use, but not quite.
It is extremely nerve-wracking to constantly be told the password has changed, and have to stop and think about whether it has and whether you want to save it, every single time you log into a site. Worse, you can only see this before you have logged in, before you know if the login was any good... it disappears as soon as you're in.
So, basically, it keeps you on your toes, always keeps you guessing and uncertain about what's going on... exactly what you DON'T EVER WANT A PASSWORD MANAGER TO DO.
Extremely disappointing.
EDIT: Response to the developer's comment below: The user guide, which is one mammoth long page from a page 2 or 3 levels deep on the website, contains one instance each of the phrases "new password" and "banner", neither telling me anything about how to fix this. I searched for the word "changed" too, that doesn't appear anywhere in the document at all.
Also, when you do need to use that banner, the buttons don't do anything. Click them, they sit there. Did they work? Did they not? Did anything get saved? No way to know.
I truly hate to criticize a FOSS project but this is really just awful design, to the point I don't trust this thing. If I don't know when passwords are new or not, or whether it's saving them or not, and I have to scour a huge 12,000 word single-page wall of text that doesn't turn up the information I need even when I search it for the specific terms the developer told the manual would instruct me on, so I can't find the new password banner settings by searching for "new password" or "banner" then, sorry, I have to nope out on it. I'm just not reading a 12,000 word manual to figure out how to use a password manager.
Just for fun, I printed the gargantuan "manual" page to a PDF. It's a single page that's 49 pages long when printed. That's what I'm expected to have read just to figure out how to get a password manager to work. That's not a user manual, it's a novella.
I scrolled slowly through the eldritch document's 78 different screenshots to see if there was one of the banner in question, to maybe tip me off where its behavior is documented. If there is one, I could not find it.
I did find the section on the browser integration plugin and read it through carefully, twice. It says nothing about that banner, or how to understand it, or get it to work in a way that seems to make sense. I'll limp along with copying and pasting codes from KeepassXC for TOTP since there's no way I'm going back to Authy or using Google Auth, but for passwords, I've had to go back to the limitations of just using Firefox's built-in password manager. I'd hoped for a better solution than that, but... :-\
Often doesn't find passwords for sites. Tells you every single time that you've updated the password and asks if you want to resave it, so you have no way to tell if the password has actually changed. It always says it has, whether it has or it hasn't.
Can't find TOTP codes even when they're in Keepass, you have to go copy them by hand.
All-around seems like a half-finished, "beta" release that is almost ready for use, but not quite.
It is extremely nerve-wracking to constantly be told the password has changed, and have to stop and think about whether it has and whether you want to save it, every single time you log into a site. Worse, you can only see this before you have logged in, before you know if the login was any good... it disappears as soon as you're in.
So, basically, it keeps you on your toes, always keeps you guessing and uncertain about what's going on... exactly what you DON'T EVER WANT A PASSWORD MANAGER TO DO.
Extremely disappointing.
EDIT: Response to the developer's comment below: The user guide, which is one mammoth long page from a page 2 or 3 levels deep on the website, contains one instance each of the phrases "new password" and "banner", neither telling me anything about how to fix this. I searched for the word "changed" too, that doesn't appear anywhere in the document at all.
Also, when you do need to use that banner, the buttons don't do anything. Click them, they sit there. Did they work? Did they not? Did anything get saved? No way to know.
I truly hate to criticize a FOSS project but this is really just awful design, to the point I don't trust this thing. If I don't know when passwords are new or not, or whether it's saving them or not, and I have to scour a huge 12,000 word single-page wall of text that doesn't turn up the information I need even when I search it for the specific terms the developer told the manual would instruct me on, so I can't find the new password banner settings by searching for "new password" or "banner" then, sorry, I have to nope out on it. I'm just not reading a 12,000 word manual to figure out how to use a password manager.
Just for fun, I printed the gargantuan "manual" page to a PDF. It's a single page that's 49 pages long when printed. That's what I'm expected to have read just to figure out how to get a password manager to work. That's not a user manual, it's a novella.
I scrolled slowly through the eldritch document's 78 different screenshots to see if there was one of the banner in question, to maybe tip me off where its behavior is documented. If there is one, I could not find it.
I did find the section on the browser integration plugin and read it through carefully, twice. It says nothing about that banner, or how to understand it, or get it to work in a way that seems to make sense. I'll limp along with copying and pasting codes from KeepassXC for TOTP since there's no way I'm going back to Authy or using Google Auth, but for passwords, I've had to go back to the limitations of just using Firefox's built-in password manager. I'd hoped for a better solution than that, but... :-\
Developer response
posted 9 months agoIf a password is always offered to a site, or it doesn't find your passwords, your entry URL is probably incorrect. Use the simplest possible form of the URL, for example https://example.com.
Users can modify the settings how the new password created banner is displayed. Reading the User Guide is highly recommended.
Users can modify the settings how the new password created banner is displayed. Reading the User Guide is highly recommended.