@Evono
I understand your point, and you’re right — in the everyday user space, adoption of new technologies like passkeys or TOTP isn’t widespread yet. But that’s exactly why we need to start educating and encouraging the shift from traditional passwords to more secure alternatives.

Here are a few things to consider:

Passwordless doesn’t mean less secure. In fact, many passwordless systems (including passkeys) are built on strong public-key cryptography, which is far more secure than traditional passwords. Unlike passwords that can be guessed or stolen, a private key used in passkey authentication stays on your device and is never sent over the network. Passkeys and password managers are not the same. While some people store their passkeys in managers like 1Password or iCloud Keychain, passkeys themselves cannot be phished or reused. The authentication is based on a challenge–response system using public/private key pairs, not shared secrets. TOTP is useful, but not a complete solution. TOTP does add a layer of security, but it’s still vulnerable to phishing and time-sync issues. WebAuthn/FIDO2 is designed to be phishing-resistant because it only works with the correct origin (domain) and doesn’t transmit secrets that can be intercepted. Email is risky precisely because it's still tied to passwords. That’s another reason why passwordless is important. If you protect email accounts using passkeys or security keys instead of just passwords + TOTP, they become far more secure.

The more complex a system (password + TOTP), the higher the chance of user error.
People forget to back up TOTP, lose their password, fall for phishing, or lock themselves out. Passwordless methods simplify access while actually reducing these points of failure — assuming the device is secure.

To use passwordless authentication methods, we don't need to buy expensive hardware security keys. We can take advantage of Apple ID, Windows Hello, or Bitwarden.

Back to the original idea: if Vivaldi only offers a password manager and doesn’t include a TOTP generator, that’s not really a problem. We can still use Bitwarden or Proton Pass, which can store usernames, passwords, TOTP generators, and even passkeys — all in one place.
Does that sound risky? Not really. As long as we keep our Bitwarden or Proton Pass account secure, we can enjoy entering passwords and TOTP codes from a single place with just a few clicks.
However, if a system already supports passwordless authentication (especially passkeys), I’d always choose that and disable password + TOTP login entirely.

@far4 said in Chrome extensions with 6 million installs have hidden tracking code:

@Obiwan2208
Very easy 2 google it 🙂

But someone would have to be headless to install an extensions with names like that.....

IMG_20250418_015944.jpg

these are all named so non tech savvy people and the everyday joe installs them sadly , theres tons of people that fall for stuff like that.

Not surprised sadly.

@DoctorG
Hallo DoctorG!
Das Idee scheint mir ganz gut. Ich versuche das tun. Ich hoffe das wird mir lösen das Problem. Danke fürs Hilfe.

@Flemmingcarlsen LibreOffice can open many Office files.
I do not know if you need 100% compatibility to Windows users. In the past there were f.ex. so many Word file versions which could give some strange layout. That is the bad Microsoft monopolist forcing users on incompatible formats.

@xuanfengpg The sensitive data in your profile are already encrypted, and the key is protected by your computer account login password.

Additionally, an attacker with physical access to your computer (or have been able to remotely access your OS) is not part of the browser's threat model, because once the attacker have access to your computer they can install literally anything on it, physical keyloggers or keylogger apps, to malware, and your security password for any apps is very simple to discover and obtain by such units or apps.

IOW: If you don't keep your computer physically and computationally secure, your data is toast anyway if it is attacked.

As for a lost/discarded computer, as long as your password is reasonably secure, the OS encryption used should be safe enough (provided a secure password), but usually I would say that when discarding a computer, the disk should be securely wiped first.

Thank you very much @Pathduck.
I had this field unchecked, what I didn't do was delete the saved passwords and that's why it kept appearing.
Now it's ok, thanks.

@HenryB1 If you haven't solved this already navigate to settings => search =>Search engine. Select the search engine you are using then add the following to your POST parameters ?kp=-2 (This is for duckduckgo so mmv - you might need to search for the POST parameter specific to your search engine) After a restart the engine should append that to every request and it'll return with safesearch off

@compis Your mistake is thinking that Vivaldi promotes itself as the most private browser.
The intent with Vivaldi is to provide a browser with all the functionality and options you need out of the box.
By default it is a balance between privacy and usability somewhere in the middle.
It tries to hit a Goldilocks zone where it is not to salty and not too sweet.

However you can make it more private, or make it less private.
The choice is yours.

@wintercoast I discovered today that I was almost up to my 10 GB free limit, which didn't make sense in my scenario. Then I discovered it was saving versions by default. I don't need versions, so I disabled and deleted them all.

So, something to be aware of for anyone else who might use this.

However, I also use Sync cloud storage, which gives less space for free (though you can get more via recommendations). It stores a version history for up to 30 days but it does not count against your storage.

When you restore a previous version, it replaces the current version of the file. The current version is then archived as a new previous version.

The restored version will now take up space in your storage, just like any other active file.

@Streptococcus And did you try in a clean profile? That's kind of been my point all along, but clearly people do not read what I write...

I actually get the exact same result as you - in my usual profile - because I run uBO with blocking ServiceWorkers (among other stuff). Once I disable uBO for those sites, works fine.

@SerebraSana
Hi, we are at Vivaldi 7.2, is Firefox up to date?
Many services block such old browsers for security reasons, this will not change if you cant update.

@brucelawson Forget it. For my case, it was Windhawk which makes Crowdstrike Falcon strike, it was indirect.
I guess Microsoft really don't want us to have a vertical windows bar...

So if anybody has the same issue and is using Windhawk, he can try uninstalling it beforehand.

@appsec These govt & consultants will learn fast when such dumb orders hurt US economy and infrastructure.

You could try Bypass.Ninja for that! It's free and works with pretty much all shortlink services. I've been using it for a while now - just paste any annoying link and it skips straight to the content. Saves a ton of time.