This is not an issue of usability. It is a question of caution in one way vs caution in another. If I protect my right, I expose my left, if I protect my left, I expose my right.
If I don’t use bookmarks or password manager, then I am susceptible (more so) to spear phishing attempts. Links left on forums, or sent in PMs, trying to direct me to the fake websites where my pseudonyms are well known. This is why the pseudonym issue does not effect me. I have a well known identity (pseudonym) already established. And as a part of this, I have people who will try to steal my credentials, and gain access to my cryptocurrencies, and personal information.
So, it needs to be easy and convenient for me to confirm I am on the proper hidden service. BitWarden is one way to accomplis this.
It is convenient and usable, but I before Bitwarden I was quite comfortable using KeePassXC, which can store URLs and launch TorBrowser, along with storing the credentials for all the sites I visit. As well as crypto seeds and private keys and such.
That system is still in place anyway. But it is not convenient or practical to open KeePassXC every time I want to confirm a url.
BitWarden kills many birds with one stone, which is why I am so carefully trying to determine if it is an excessive risk or not.
I am not talking about anything fly-by-night, I am talking about a very popular open source project. Just to be clear.
Thank you all for all of your input, This has all been very enlightening. Intuitively, I could not really see what harm BitWarden was doing. It doesn’t really do anything besides detect password fields and will auto-type your password and username for you. I couldn’t really imagine how this could be harmful, so long as there wasn’t some header or something I was missing that is screaming “BITWARDEN IN USE”.
I obviously couldn’t be sure, but as I said, the risk it is protecting me from is substantial. There are a LOT of phishermen out there trying to get access to crytocurrency accounts.
It is quite common to see fake links to XMR.to’s hidden service, trying to get you to send the fake site your Monero. An error like this could be catastrophic.
Once again, thank you all, and I highly recommend you give Bitwarden a try. It is a very nice replacement for things like LastPass. It can be run locally with no need for remote servers. Has very good open source encryption, etc etc
Otherwise, I recommend you use KeePassXC over the other variants. Very active open source community.