Good morning. running Chromium and using its password manager? It uses an unencrypted sqlite database for your secrets ``` $ file ".config/chromium/Profile 1/Login Data For Account" .config/chromium/Profile 3/Login Data For Account: SQLite 3.x database, ... sqlite3 ".config/chromium/Profile 1/Login Data For Account" sqlite> .tables i_credentials password_notes sync_model_metadata logins stats meta sync_entities_metadata sqlite> SELECT * from logins; ... ``` if you're on Linux, Chromium integrates well with system keyrings like KDE wallet. that means it'll encrypt your secrets and unlock them when you log in. This can be especially nice if you restart a system frequently. I restart one of my systems once or twice daily, and unlocking Bitwarden is getting a bit tedious. ``` chromium --password-store=kwallet chromium --password-store=gnome ``` if you use nix, you can set a policy to have Chromium use the system keyring (kwallet). Here's my NixOS policies for Chromium: ``` programs.chromium = { enable = true; extraOpts = { # https://chromeenterprise.google/policies/ "SpellcheckEnabled" = false; "DefaultSearchProviderEnabled" = true; "DefaultSearchProviderName" = "Kagi"; "DefaultSearchProviderSearchURL" = "https://kagi.com/search?q={searchTerms}"; "SearchSuggestEnabled" = false; "DefaultSearchProviderSuggestURL" = ""; # 1=Allow, 2=Block, 3=Ask "DefaultGeolocationSetting" = 2; "DefaultClipboardSetting" = 2; #"DefaultNotificationsSetting" = 2; # "PasswordManagerEnabled" = true; "PasswordStore" = "kwallet6"; }; }; ``` Is there a setting that you always toggle when you create a profile? you can declare it here has a policy, forever. if you use nix home-manager, you can configure extensions that'll always be present in all your profiles ``` chromium = { enable = true; extensions = [ { id = "nngceckbapebfimnlniiiahkandclblb"; } # Bitwarden ]; }; ``` the home-manager module even supports doing that for other derivatives of chromium ``` chromium.package = pkgs.brave; ``` Bitwarden's UI got re-hauled last year and I haven't liked it as much ever since. Using it on my desktop which has long-lived boot sessions makes sense. Using it on my VR machine/workstation makes less sense these days.
