why do so many security researchers suggest giving up autofill though it seems convenient? Because there are so many flaws of it, like Mathias Karlsson, a security researcher, found a shocking bug in URL parsing when studying the autofill function of the LastPass browser extension in 2016.