Is Norton Password Manager safe to use?

Norton Password Manager has a risk level of CRITICAL with an overall risk score of 9.6/10. Our scan detected 391 security findings. This extension has significant security concerns — review the full report before installing.

What permissions does Norton Password Manager request?

Norton Password Manager requests the following permissions: contextMenus, notifications, storage, tabs, webNavigation, webRequest, alarms, clipboardWrite, scripting, privacy. It also requests host access to: , https://*.norton.com/*, https://cloudconnect2.norton.com/*, https://login.norton.com/*, https://www.citi.com/credit-cards/citi.action*, https://accountonline.citi.com/cards/svc/LoginGet.do*, https://appleid.apple.com/auth/authorize*, https://idmsa.apple.com/appleauth/auth/signin*, https://idmsa.apple.com/appleauth/auth/authorize/signin*, https://store.steampowered.com/checkout/*, https://login.vivo.com.br/loginmarca/appmanager/marca/publico*, https://www.zara.com/webapp/wcs/stores/servlet/OrderPaymentPage*, https://www.zappos.com/checkout/address*, https://www.zappos.com/checkout/pay*, https://www.zappos.com/checkout/initiate*, https://secure-luxury.zappos.com/checkout*, https://secure-luxury.zappos.com/checkout/pay*, https://secure-luxury.zappos.com/checkout/address*, https://www.northwest.bank/*, https://www.amazon.com/gp/buy/shipoptionselect/handlers/display.html*, https://www.amazon.com/gp/buy/payselect/handlers/display.html*, https://www.amazon.com/gp/buy/addressselect/handlers/continue.html*, https://www.amazon.com/gp/buy/shipaddressselect/handlers/continue.html*, https://nid.naver.com/nidlogin.login*, https://direct.kinecta.org/9002Kinecta/AOP/Password.aspx*, https://mycw39.eclinicalweb.com/*, https://ib.absa.co.za/absa-online/login.jsp*, https://www.hautelook.com/checkout*, https://www.uniqlo.com/us/en/billing-checkout/*, https://www.ifixit.com/cart/place-order*, https://www.qvc.com/webapp/wcs/stores/servlet/BillingDetailsView*, https://www.hobbylobby.com/checkout/multi/payment-method/add*, https://www.tirerack.com/ssl/PaymentOptions.jsp*, https://www.abercrombie.com/shop/OrderCheckoutDisplayView*, https://www.footlocker.com/checkout*, https://www.dickssportinggoods.com/DSGPaymentViewCmd*.

What is Norton Password Manager's risk score?

Norton Password Manager has an overall risk score of 9.6/10 (CRITICAL). Breakdown: Permissions 10.0/10, Code 10.0/10, Combinations 10.0/10, CSP 5.9/10.

ExtSafe

Norton Password ManagerSecurity Analysis

Chromev8.2.5.1175MV3February 16, 2026 at 03:11 PM

9.6CRITICAL

9.6 CRITICAL

This extension shows critical risk indicators. It requests highly sensitive permissions combined with suspicious code patterns. Proceed with extreme caution.

Based on 46 permissions including high-risk ones, 349 code findings, 3 dangerous combinations.

Dangerous Combinations(3)

HIGHTab tracking + external communication

Extension tracks open tabs and communicates with external servers — potential browsing surveillance.

tabs+external network request

CRITICALNetwork interception + external communication

Extension intercepts network traffic and sends data externally — potential man-in-the-middle behavior.

webRequest/webRequestBlocking+external network request

CRITICALAll-sites access + keyboard capture

Extension has access to all sites and captures keyboard input — behavior consistent with a keylogger.

<all_urls>+keylogger_pattern

Permissions

10.0/10

Code

10.0/10

Combinations

10.0/10

Manifest/CSP

5.9/10

Permissions(46 analyzed)

Code Findings(29 patterns, 349 total)

Libraries(11 detected)

11 libraries detected, 2 with known vulnerabilities

Content Security Policy

No CSP Defined(1 issue)

MEDIUM

N/ANo CSP defined

This extension does not define a Content Security Policy. A CSP helps prevent XSS and code injection attacks.

Manifest Analysis(2 findings)

Resolved from __MSG_* i18n placeholders:

Name: Norton Password Manager

Description: A cloud-based password manager that makes it easy to log in to your favorite sites.

MEDIUM

web_accessible_resources.matchesOverly broad match patterns

Web-accessible resources use <all_urls> or wildcard patterns, exposing resources to every website.

MEDIUM

content_scriptsContent script injected on all URLs

Content script matches <all_urls>, executing on every website the user visits.

External Domains(85)

${a.default.cct_url${a.default.cdn_url${a.default.idsafe_portal_url_search${a.default.nsl_domain${f.default.cdn_url${i.default.cct_url${i.default.cdn_url${i.default.idsafe_portal_url_search${i.default.nsl_domain${o.default.cdn_url${p.default.cdn_url${s.default.cct_url${s.default.cdn_url${s.default.idsafe_portal_url_search${s.default.nsl_domain${t*169.254.169.254aa.coaccesstoken.idsafe.norton.comaddons.mozilla.orgaws.amazon.combbit.lycdn.registerdisney.go.comchromewebstore.google.comcognito-identity-fips.us-east-1.amazonaws.comcognito-identity-fips.us-east-2.amazonaws.comcognito-identity-fips.us-west-1.amazonaws.comcognito-identity-fips.us-west-2.amazonaws.comcognito-identity-fips.{regioncognito-identity.{regiondocs.aws.amazon.comejemplo.comeksempel.comesimerkki.comexample.comexemple.comfb.mefeross.orgformatjs.iogendigital.qualtrics.comgit.iogithub.comgz0s1l0bj0.execute-api.us-east-1.amazonaws.comidentitysafe.norton.comidmsa.apple.comlogin.yahav.co.ilmedialize.github.iomicrosoftedge.microsoft.commths.bencs-spoc.firebaseio.comns.adobe.como2-ds.norton.como2.norton.comoidc-fips.{regionoidc.{regionpdfmake.orgpolyfill.ioportal.sso-fips.{regionportal.sso.{regionpurl.orgreact-native.canny.ioreactjs.orgredux-toolkit.js.orgredux.js.orgsafari-extensions.apple.comsentry-antitrack.nortonlifelock.comsentry.iositedirector.norton.comsnspoc-pool-gtm.norton.comspocnotify.norton.comstatic.nortoncdn.comsts-fips.{regionsts.amazonaws.comsts.{regionsupport.norton.comtools.ietf.orgwww-cs-students.stanford.eduwww.aiim.orgwww.opensource.orgxxn--e1aybc