Why Google allows apps to block a system service from inputting information is beyond my understanding, but it’s absolutely infuriating, and just discourages the use of these tools.

This is the really annoying bit

I’ve recently switched from Firefox’ vault to bitwarden.

I’d say it works 50% of the time. On desktop Firefox it just doesn’t manage to autofill things some days and I end up copy-pasting my credentials.

On mobile is happy to present me with suggested logins for a page. If I have one, pick or generate one, then it’s all dandy. If I decide I’d rather not, then there’s no way out of that view. I end up force-killing Firefox mobile. Maybe the app works better than the browser extension.

Proton Pass uses the keyboard to identify and fill passwords. It works really well.

That’s quite unfortunate to hear. I use Bitwarden along with Gboard and very rarely run into issues - I believe most password managers have a quick settings toggle that you can add into your notification drawer to maybe get around this? From what I know though, these generally use the Accessibility framework to function, and thus will heavily depend on your password manager - it also gives a lot more access to those apps than the built in autofill framework.

Conversely I remember Bitwarden’s autofill support on iOS being quirky when I last used it (which to be fair, has been a while - I’m sure its improved since then). IIRC it pretty much always worked in Safari (and Safari Web Views within apps), but the actual applications themselves wouldn’t always give me the autofill prompt.

For me though, regardless of the platform it still is far more worth using a password manager and unique passwords per-site than to use a single password (or even a handful) across sites. I hope autofill support improves for those that it doesn’t work well with.

Bitwarden(Vaultwarden for me) works fine for me. It does have few hiccups here and there but 90% it works flawlessly.

My only complaint is the passkey support for Firefox variant(Fennec in my case). Kinda weird design choice to have select browsers as trusted and make no other browsers work.

Bitwarden is reasonably consistent, but you have to have recently logged into it. Before I open an app that needs auth, I open bw and unlock my vault. Most applications popup login with bitwarden and it can handle 3 stage logins usually even when the ask for 2fa before password.

I have no specific basis to say so, but I distrust browser-based password managers on the principles of separation of function and mitigating risk. Strong my credentials in a browser just feels hinky, even with a master password. Too obvious of an attack vector. Rather, I use the KeepassDX variant with its MagicKeyboard feature. When I’m presented with a login prompt, I can use the keyboard switcher to launch KeepassDX, unlock my vault, and select the credentials entry. Then I can switch back to the browser (or app) and have MagicKeyboard enter the credentials for me.

It’s a few more taps than just that, but it’s a straightforward workflow that should mitigate leakage from my usual keyboard, clipboard snooping, and any hypothetical attacks against the in-browser vault workflow.

Plus, I know where my credentials are stored, can apply 2FA, and even back up the vault file to offline archives.

It works for me. “Cool story bro,” I guess, is my point.

Apple does better than the Android experience described in the article, but it also isn’t perfect. There are apps that don’t recognize that you need a password and are difficult to trigger the autofill (especially with a third party manager), and on very rare occasion it fails in the browser, too. It handles multi-page passwords just fine though.

Not trying to measure dicks or whatever, just giving a point of comparison. Without investigating, I wonder if some sites/apps don’t correctly indicate to the browser/OS that they’re passwords and what they’re for. I haven’t had real issues on my Android reader with proton pass, though that isn’t a huge set of apps I use.