I store all of my passwords in firefox’s built-in password manager. They auto-fill into websites, sync to my phone, notify me if one appears publicly, and I can generate strong new passwords conveniently. The pw vault is stored encrypted in the cloud as far as I know, but I don’t really know the technical details. I presume that it’s just as secure as using a “proper” manager.
Is there a problem with not using a dedicated password manager? I used to use LastPass but then… I stopped. And at the time I didn’t see anything wrong with just sticking with FF.
Using Firefox is fine right? If so, what’s the benefit of something like BitWarden/etc over the built-in one?
Depends on the extension. If it auto-fills without interaction, it can be tricked into auto-filling credentials. Extensions like the one for KeePassXC only auto-fill after you clicked on the auto-fill icon.
Interestingly, auto-filling can also be more secure than just typing in your credentials, because the extensions will only fill if the site URL matches, where as people can be tricked into thinking they are on a different site.
It’s not auto-fill that is insecure, it’s auto-fill without interaction.