You should turn off autofill in your password manager, and stop using some browser password managers altogether, argues a Czech security researcher.
"Most password managers have the autofill feature enabled by default, even though it reduces the security of the stored password," said Marek Toth, a penetration tester at Avast, in a recent blog post.
Autofilling is when your password manager fills in the username and password fields in a website's login page with your saved credentials without you actively prompting the password manager.
The characters pasted into the field can then be "read" by scripts present in the login page — such as might be preset in an online ad that has nothing to do with the page itself — and those scripts will be able to copy and send your username and password anywhere.