Using Password Managers With Browser Extensions Are Bad Idea

by OneLock Security Team


Posted on April 7, 2017



Few years back before OneLock went live our security engineering team decided not to use browser extensions/plugins because it reduced the security so we went with plain raw HTML5 and Javascript. We knew if using browser extensions we were going to open up more doors for an attack. The analogy is similar to having many outside doors of your house. More doors you have more possibilities of thieves breaking in. A recent article was published about a vulnerability in browser extension that impacted LastPass and few other online password managers that use browser extensions.


You can read more about the article here.

OneLock is designed to give you the ultimate online data security. We knew by not adding browser extension capability to OneLock we were going to lose some features like auto-fill and auto-login. We choose security over convenience just because we believe in writing secure code.