Alternative to LastPass?

It’s both; however, if you’re going to fix the problem, imho it’s better to do your best to actually fix it, rather than get a false sense of security.

I’ve seen way too many browser exploits and way too many dumb decisions by browser vendors to trust them any more than absolutely required :slight_smile:

Well, that’s my take. YMMV, etc.

1 Like
8 Likes

1 Question, 1 Paranoid Delusion:
Saving files within KeePassXC, storing your SSH keys: these additional functions don’t compromise the encryption or security in any way, do they? I don’t know enough about the hardcore backend of the encryption process to figure that out for myself with any amount of confidence. I assume any files you attach are just encrypted with the same key as the database itself, yes?

Paranoid Delusion:
Favicons…they can track you on the web…hope they can’t do anything once downloaded into your database?

Pretty sure Keepass encrypts the database with 10,000 rounds of AES.
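Since the round count comes up here, an added example (not code from this thread or from the KeePass project) of what that number configures in the KDBX 3.1 AES-KDF: the composite key is passed through AES-256 that many times before the database key is derived, and each offline password guess has to repeat that work. The password and seed values below are constructed for the demonstration.

```go
package main

import (
	"crypto/aes"
	"crypto/sha256"
	"fmt"
)

// CompositeKey: SHA-256 over SHA-256(password). A key file would add a second hash.
func CompositeKey(password []byte) []byte {
	h := sha256.Sum256(password)
	c := sha256.Sum256(h[:])
	return c[:]
}

// TransformKey is KeePass's AES-KDF: the 32-byte composite key is treated as two
// 16-byte blocks, each encrypted in place with AES-256 (ECB, no chaining) under the
// transform seed for `rounds` iterations, then hashed with SHA-256.
func TransformKey(composite, seed []byte, rounds uint64) ([]byte, error) {
	if len(composite) != 32 || len(seed) != 32 {
		return nil, fmt.Errorf("composite key and transform seed must be 32 bytes")
	}
	block, err := aes.NewCipher(seed) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	buf := make([]byte, 32)
	copy(buf, composite)
	for i := uint64(0); i < rounds; i++ {
		block.Encrypt(buf[:16], buf[:16])
		block.Encrypt(buf[16:], buf[16:])
	}
	out := sha256.Sum256(buf)
	return out[:], nil
}

// MasterKey mixes the random master seed from the file header with the transformed key.
func MasterKey(masterSeed, transformed []byte) []byte {
	h := sha256.New()
	h.Write(masterSeed)
	h.Write(transformed)
	return h.Sum(nil)
}

func main() {
	seed := sha256.Sum256([]byte("constructed seed, not from a real database"))
	tk, _ := TransformKey(CompositeKey([]byte("correct horse battery")), seed[:], 10000)
	fmt.Printf("master key: %x\n", MasterKey(seed[:], tk))
}
```

Raising the round count (or switching a newer KDBX database to Argon2) only changes this derivation cost; the payload encryption of the database itself is a single pass with the resulting master key.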

I almost feel embarrassed to ask this, but is Google Chrome’s inbuilt password manager reasonably secure? It’s very convenient and makes it very easy to randomly generate passwords and sync them across devices, and everything I’ve read suggests it’s secure enough, but it’s never mentioned in places like this.

I’m using KeePass in 2 ways: one way is in a shared Samba server (for shared accounts), which tends to get corrupted when multiple people try to access it, even without writing to it. The other way is by manually rsync / scp’ing it to all my devices whenever I make a change in one of them. With the latter method, I basically have a backup of my KeePass, which is important to me because I literally have no idea what generated thing is inside each account. Also, this way, I never had a corrupted DB, compared to 2 corrupted KeePass DBs when accessing the same file on multiple computers using Samba.

I used SyncThing a long time ago, but I don’t really remember why I got scared of it and removed it… I saw a random IP subnet (either a private class A, or a public 100.something, don’t remember) that was not mine, when syncing between separate LANs at home (my wifi network and my wired network), but I’m a fanatic of simple stuff anyway, so rsync between Linux boxes, WinSCP on Windows and PrimitiveFTP on Android with sshfs mount on my main Linux PC and it’s all I need. As mentioned above, I only sync whenever I make a change.

I hope I’m not too late with this comment, a video is already up (joined this discussion after I watched that).

I wouldn’t trust the built-in password manager. For one, it used to be plain-text (as thro mentioned) and 2, using JS basically any rogue website can grab your accounts. I prefer using KeePass without an extension, just using the Auto-Complete function whenever possible (unfortunately things like flipping Google, Cisco and Quantum Workplace require you to first complete your username, hit next, load another page, then enter your password, which is very dumb and I can’t use auto-complete with them, just copy and pasting my accounts).

Even if Google has 0 privacy, usually their tools are secure. However, I doubt there aren’t some exploits written in JS to grab your accounts and credit card information, if you save this kind of data in the browser. I always separate accounts from the browser. Do one thing and do it well… however, browsers are the most bloated software that everyone is using, basically doing everything from document viewing (html / pdf), to playing music and video, viewing images, transferring files etc. I abhor the modern web. But that’s just me. As for KeePassXC, it works wonders when I have to fill out accounts when the password box is one tab away from the account box.

1 Like

We run keepass here at work via Windows file share (actual windows, not samba) and have not had any corruption in … 8-9 years?

You do need to be aware of the need to select “synchronise” if someone has saved the database while you had it open and modified something but other than that, no issues.

I also sync my personal DB to my phone, Mac, etc. via OneDrive.

1 Like

Another happy Bitwarden user here. I can highly recommend it…

KeePassXC; keep the key on an SD card.

1 Like

keepassxc-browser works great

buddy does this and loves it, pretty good for security

KeePass on iOS devices with sync via OneDrive doesn’t allow you to edit the database atm. OneDrive changed something so third-party apps have only read-only rights on iOS and iPadOS.

I switched to Bitwarden a few months ago, and have no interest in going back. It works so well, on all platforms. It has fewer issues on my Android phone than LastPass, is free and open-source, syncs easier, and has an actual dark theme. It doesn’t have the marketing budget of LastPass, much less other password managers like Dashlane, but it works really great, is feature complete, feels incredibly polished even by paid service standards, and is completely free. The only reason to use any other password manager is because you don’t know it yet or you want the extra control that KeePass offers.

2 Likes

Long time KeePass(XC) User here.
Tried to switch to Bitwarden a few months ago out of general curiosity and a few issues with KeePass, but didn’t like it in the end.

Disclaimer: I’m biased towards KeePass because it’s what I’ve known and loved for quite some time. The new icon and app design is gorgeous btw!

Problems with KeePass:

Synchronizing with a file over a cloud is a bit cumbersome imo and introduces a few small issues for me with file conflicts. Mostly because the Android app doesn’t close the file properly → updating the file fails → file version chaos.
Other than that, I love it!

Problems with Bitwarden:

  • The Name is a bit meh :wink:

  • I don’t like the standalone browser addon and much prefer the KeePassXC method. Why? Because I need a desktop app for making new entries, and for any passwords that are not browser-related (games, mail, SSH…). And then it’s just an inconvenience to unlock the database again every time I open Firefox when the desktop app is already unlocked.

  • Minor complaint: the desktop app is quite space-inefficient (takes a lot of screen real estate on laptops…)

2 Likes

Making sure “SD” card lives to its name, huh?

3 Likes

The way I look at it, the browser is a huge and complex mostly monolithic piece of software that is constantly exposed to potentially malicious input.

I’d suggest that the browser password manager is perhaps better than nothing, but IMHO it’s most definitely the wrong place to store your passwords. What I’d be looking for in a password manager is something as simple as possible.

File sync? No, leave that to a dedicated tool. It’s less code in the password manager exposed to “bad guys”.

etc.

2 Likes

I think the browser password store is acceptable as better than nothing, but I don’t think it’s been audited in any way, and access to it is simply your Google account password, so if that’s stolen, they have access to your passwords.

I like having password managers have their own dedicated authentication, so you can set a much stronger passphrase.

2 Likes

I have begun using bitwardenrs in unraid since there’s something in the ‘apps’ repo for it.

seems legit despite not being actually bitwarden.

3 Likes

If I had it my way all of you fuckers would be learning how to build your own YubiKeys, but eh.

It’s a pity something like squirrel never took off.

It’s authentication pretty much done properly.

https://www.grc.com/sqrl/sqrl.htm

3 Likes

For those on iOS and/or macOS, KyPass is good.

It’s another KeePass client, but on both macOS and iOS it supports Touch ID for database unlock.

The DB is 100% KeePass 2 compatible. I use the same DB with KeePass 2 on the Windows side.