> Is there browser extension that allows you to interact with it without opening Keepass program?
I sure hope not.
For personal use: none for me. Instructions for deriving/obtaining my master password and physical key will be made available in any will or power of attorney documentation I get around to drawing up.
In DayJob there are several, though they are usually only temporary needs, such as:
1. We often get sent password-protected documents by clients, that more than one of us needs to read. It pains me how often I see an attached document on an email containing the password needed to open it… A shared password manager where someone can record the credential and mark who should be able to access it (or better have all credentials encrypted by the public keys of those who should be able to access them rather than just trusting a flag) would be less daftly insecure.
2. Distributing initial credentials for new assets or to new people, where those assets are not integrated with single-sign-on so nothing needs to be distributed anyway.
There are other ways to manage such situations of course, but a password management arrangement with a well-defined way of sharing credentials may encourage behaviour more secure than some of the ad-hoc solutions people regularly use.
Sometimes I write the password in a file in the home directory of a server we both access in ssh. It doesn't happen often, maybe not every year.
A customer has no servers, not a chance with them.
As you say, things can be more complicated for externals. I often don't have write access to much that they can read from, without putting in a request through infrastructure, for obvious separation-of-concerns reasons, because things we host/manage directly for them are well locked down, anything at their end is too, and most of our clients have white-list-only access to other resources.
Fedex/UPS only lets one account get detailed tracking numbers for an address, so I need to share my Fedex account. To check and pay my freeway tolls I'm only allowed a single account - so it gets shared. Plenty of people share all sorts of subscriptions, be they to Netflix, the New Yorker, or more. I need to share access to my insurance, to the utility bills, to sporting event tickets, to grocery store and pet food orders. On and on and on.
Also, for many of my accounts today, I use "Sign in with Google" so it's not even possible for me to share a password or credentials unless I share my whole Google account shebang.
My wife and I have a number of accounts we share a single credential for. There are a surprising number of services we access as parents that don't have the concept of shared ownership of content on the server side.
I'd bet there are other use cases as well. Off the top of my head, Hello Fresh also doesn't allow more than one login to manage the same subscription.
At work we use hashicorp vault, ansible vault, and cyberark for different things, but I still store my stuff in keepass. For personal use, I use keepass on dropbox, and it's worked incredibly well for almost 15 years now.
There's plenty.
> I sure hope not.
Why? I'm not suggesting to have an extension that has access to your file system. Bitwarden has browser extension that communicates to Bitwarden vault via HTTP and it's easy to autofill passwords or generate new credentials.
For throwaway accounts or demo accounts or any kind of new web service/app accounts, it's easy to memorize username and autogenerate a strong, safe password which are saved to vault.
You have the access to that same vault from a different device (smartphone etc), it makes interacting with passwords and its storage extremely easy and without mistakes.
I have quite a few shared passwords in my "family" vault in Bitwarden. Utility websites (electric, gas, water, internet, etc), streaming services, banking, credit cards, mortgage, car payments, car insurance, Chewey (manage pet food auto ship), probably others.
