really cool app, very secure approach, but how can i share passwords to my desktop firefox or any other browser? #63

Open
kuvaldini opened this issue Jan 17, 2024 · 11 comments

Comments

@kuvaldini

No description provided.

@jenspfahl
Owner

With the secure approach you lose comfort. That's always the case with security. At the moment there is no sync of the vault to other platforms. So the only way is to read the password from the app manually and input it in the browser by hand. To make this at least easier, the Pseudo Phrase passwords can be used, which are easier to type due to their word-like nature.

@kuvaldini
Author

I think sync is important, at least for reliability. Sync is a job for an app like Dropbox, and regular automated backups are a cool feature for the app.

@jenspfahl
Owner

The app of course ships a feature to back up the vault as a file, locally or through Google Drive, Dropbox or whatever. But this is only for recovery. To share credentials with a browser there is no implemented way like for other cloud-based apps. The only option would be to take out all credentials unencrypted as a CSV file and load this file into the browser.

@kuvaldini
Author

I like KeePass' approach: an add-on which requests passwords and data from an OS-integrated application which keeps the DB in memory in an encrypted but ready-to-use state.

@kuvaldini
Author

kuvaldini commented Jan 22, 2024

It would even be nice to request passwords from the phone side, from the Android app (this one) to a browser extension via the local network.

I think there should be one open-source browser extension where the backend is changeable.

The browser extension (any client) can/may request no more than N passwords during M minutes of time.

The full DB should never be sent.

How does that sound?
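
The request policy proposed in the comment above (at most N passwords per M minutes per client, never the full DB), as an added example that is not part of the thread or of the project's code. `CredentialGate`, the client id and the vault contents are hypothetical and constructed, and counting failed lookups against the limit is an added assumption.

```javascript
// Added example: app-side policy for answering credential requests.
// CredentialGate, clientId and the vault contents are hypothetical.
class CredentialGate {
  constructor(vault, maxRequests, windowMinutes, now = () => Date.now()) {
    this.vault = vault;                      // Map: entry name -> password
    this.maxRequests = maxRequests;          // N
    this.windowMs = windowMinutes * 60000;   // M minutes in milliseconds
    this.now = now;                          // injectable clock for testing
    this.history = new Map();                // clientId -> attempt timestamps
  }

  request(clientId, name) {
    // Exactly one entry name per request: arrays, objects and empty
    // strings are refused before the vault is touched.
    if (typeof name !== "string" || name.length === 0) {
      return { ok: false, reason: "bulk-or-malformed" };
    }
    const t = this.now();
    const recent = (this.history.get(clientId) || [])
      .filter((ts) => t - ts < this.windowMs);   // sliding window
    if (recent.length >= this.maxRequests) {
      this.history.set(clientId, recent);
      return { ok: false, reason: "rate-limited",
               retryAfterMs: this.windowMs - (t - recent[0]) };
    }
    // Assumption: misses count too, so the limit also bounds name guessing.
    recent.push(t);
    this.history.set(clientId, recent);
    if (!this.vault.has(name)) return { ok: false, reason: "not-found" };
    return { ok: true, name, password: this.vault.get(name) };
  }
}

// Constructed sample run: N = 2 requests per M = 10 minutes.
function demo() {
  let clock = 0;
  const vault = new Map([["mail", "constructed-pw-1"],
                         ["bank", "constructed-pw-2"],
                         ["forum", "constructed-pw-3"]]);
  const gate = new CredentialGate(vault, 2, 10, () => clock);
  const out = [];
  out.push(gate.request("ext-A", "mail"));            // granted
  out.push(gate.request("ext-A", ["mail", "bank"]));  // refused, not a single name
  out.push(gate.request("ext-A", "nope"));            // miss, still counted
  out.push(gate.request("ext-A", "bank"));            // over the limit
  clock += 10 * 60000;                                // window has passed
  out.push(gate.request("ext-A", "bank"));            // granted again
  return out;
}
```
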

@jenspfahl
Owner

That's an interesting idea. I am thinking about something like this. Thanks for your input!

@kuvaldini
Author

I found that Buttercup uses locust to detect forms on the browsed page. That's part one.
I think we also need:

  1. server ability on the phone app side; could that be some HTTPS server?
  2. a client in the browser extension connected with locust.

Sounds simple as usual, before implementation begins ;)

@jenspfahl
Owner

Yes, I think one solution would be to add a websocket server to the app and a new browser extension which can connect to the app. By using asynchronous keys both parties could securely exchange credentials to be used in the browser for autofill. This would work fine if the same parties are in the same network.
To implement something like that would require a few months for sure. But I like the idea very much.

@kuvaldini
Author

I would like to be one of your first testers ;) I can participate in browser extension testing and writing.

@jenspfahl
Owner

Cool, thanks! Will come back to you when I have something ready.

@jenspfahl
Owner

Hi @kuvaldini, I managed to invest some time to develop a beta version of a web extension whose purpose is to fetch credentials from the Anotherpass app.
If you are still interested in testing or code reviewing, you can discover details here: https://github.com/jenspfahl/anotherpass-webext
As said, I am not an expert in JS/HTML/CSS, but the code should be straightforward.
