PSA: Hackers can steal your username and password for a web site utilizing an embedded iframe. It is a weak point for all password managers, and most have addressed the flaw in numerous methods, together with issuing warnings when customers are on a login web page with an iframe or not trusting subdomains. Bitwarden is the only real exception, having decided in 2018 that the menace was not vital sufficient to handle.
In its help pages concerning “Auto-fill,” Bitwarden advises customers to show off…
