Do you have one or multiple with different purposes? Extensions?
I was using:
Tor
Mullvad (when Tor blocks site)
Brave (when I want to browse with LibreRedirect extention, e.g. video streaming)
Firefox (with VPN split tunneling for when I need to reveal actual IP address e.g. government sites)
But now that I want to incorporate a password manager extension, I don’t know what to do. I also like my default zoom and dark mode, and am considering Tor and Mullvad to be overkill. Curious on what other people do.
Primary Browser – Firefox Hardened
This is my daily driver, I use for 90-95% of my browsing. It is the browser I consider most ‘balanced’ between my various priorities (namely privacy + security versus not breaking things and not negatively impacting usability too severely). While I consider fingerprinting resistance a goal for this browser, its not a top priority so it takes a back seat to other priorities (e.g. I don’t use letterboxing in this browser). Extensions include: uBlock Origin, a password manager, e-mail aliasing extension, skip redirect, and smart referer, and libredirect. (for more info, see: arkenfox project on github).
Backup Browser – Brave
This is what I use as my fallback (for testing, for the rare times a webpage won’t load in my primary browser, or for situations where I need a Chromium based browser). It’s a pretty standard setup, no extensions, adblocking/tracking and fingerprinting protection both set to strict/aggressive, and the Brave features I don’t want/need disabled.
Streaming – Chromium (vanilla)
I use the Chromium flatpak as a streaming browser. It is the least strict browser I use, and I only use it for a couple specific streaming sites that I prefer to stay logged in to permanently. Basically this is a Browser-as-a-glorified-netflix-app.
When blending in with a crowd matters – Mullvad Browser or Tor Browser
No additional extensions, no modifications.
Honorable mention that I do not actively use – Librewolf (if I didn’t manually harden Firefox to my liking, this is what I would use as my primary browser).
I mainly use Firefox, which is what I use for “browsing around”. I have it with uBlock Origin with default lists in hard mode, and I “downgrade” to medium and easy until the site I’m visiting is usable. My thinking there is that I treat uBO difficulty modes as Tor browser’s safety modes. I might try Mullvad browser to reduce fingerprinting, now that it’s more mature.
When my browsing will lead tu purchasing something, i.e. I’m searching for something I might buy, I use the Tor Browser, to reduce the chances of price discrimination.
For “serious” accounts, linked to my real identity such as banking, I use Safari.
Most of the time I have Mullvad VPN with ad-boocking Mullvad DNS
I explicitly use the Tor Browser on my Kicksecure-Debian laptop as my main, on Secure settings. Ain’t the best, but doesn’t broke stuff as much, and it fairly useable as it is.
And then, Librewolf as a backup. If one website doesn’t accept any of those, too bad. I ain’t checking them.
On my main browser however, I just use a lightly configured stock Firefox browser to prevent myself to stick out a bit. I was too annoyed to have to fix each and any website i consult with more advanced hardening configuration. I do run the suggested PG settings, with rFP and cookie sandboxing and all.
My main phone is just Vanadium because it’s the defacto default and already webview integrated in the system for grapheneOS. The plain suggested firefox for my second Linux phone, because those are still in-active development and might cause issues if i touch too much of it.
I think its the first time I’ve seen someone else use a very similar setup to mine in Firefox with uBlockOrigin. It is not very common to see that advice in this forums, but I find it like a happy medium to easily and quickly un-break sites while still maintaining control of which scripts load or not. And not having to go through all the user.js stuff.
LIbrewolf + bitwarden for general browsing
Mullvad instead of opening a private window in Librewolf
Brave for youtube and any other interactions with Google (because it’s Chrome-based)
Ungoogle Chromium for anything that doesn’t work
All of this is behind Mullvad VPN and pihole + DNSCrypt.
Why? What benefits are big enough in Goldwarden that exceed/justify the additional potential risks? (By risks, I’m thinking that Goldwarden is a tiny project maintained by a single individual of unknown credibility, competence, consistency, and trustworthiness (unknown to me, they may be known to you)
I tested it a couple of days, and decided it is worth to switch (or try), as I do not like how extensions work.
Sure, trusting the Dev is very important here, but being open-source project and knowing how ssh works, I decided it is trustworthy enough for more security and convenience over extension.
So far, I like it a lot. I do not strictly recommend it, still testing, more like a notice for an alternative.
The maintainer is very active and known individual in the Bitwarden community, and commits code regularly. He is also the person who implemented Argon2 to Bitwarden.