Do you have a link for that claim on LastPass? I use the extension and am wondering if I shouldn't use an PM extension thats more reliable in terms of security. Any recommendations obviously welcome.
The LastPass issues are all pretty old at this point - I mostly mention it to drive in the point that getting this stuff right is hard. (For what it's worth, the researcher who found those issues has good things to say about LastPass: https://twitter.com/taviso/status/1167311357957435392 and also fairly negative things to say about 1Password, which is what I happen to use.)
IMO a password manager is an extremely critical piece of software that I'm ok with if I trust its security model.
There are a couple whose security models I do trust. However, merging those security models with random extensions that may or may not have full run of all code executing in the same context as my password manager is a hard no. It's baffling to me that any legit password managers go to the trouble to write and support browser extensions, given the risk. It's betting your reputation for security on a very small amount of user convenience.
