You're also potentially opening yourself up to any apps/tools that are keeping an eye on your clipboard if you're copying and pasting. Auto-type might help with that, but I also wouldn't hold my breath for such a feature coming.
Compromising everything is easier, it means you have to change the password for everything and know it was compromised.
If only SOME stuff is compromised then you don't know what was compromised so you end up having to change everything anyway.
I mean, that's at least my approach. I'd rather know I needed to keep an eye on everything rather than some things. At least then I know I can take appropriate precautions.
Its a poor argument for choosing browser extensions over cut & paste because the circumstances where it has an advantage are incredibly specific.
I agree that malware that has that power could do something else, but the parent post incorrectly asserted that the specific attack of keylogging would work, which it doesn't. I wasn't arguing that as the reason to use them over copy/paste.
The main thing extensions save you from is phishing attacks because they verify the origin of the page is correct for the entry, which is a really common attack and a hard thing for humans to verify consistently, and doesn't require any malware on your machine.
A lot of time you can attribute compromises to ignorance rather than malice.
So an app that is stupidly logging the clipboard and doing dumb things with that data, rather than being a malicious app.
Not much can help you if an app on your machine is in a position of power.
I think the separation of concerns outweighs the KeepassXC<->Browser integration part.
If your computer is compromised (meaning occasional copy&paste is not secure) you have WAY more problems than only Keepass and phishing.
