by franga2000 2471 days ago
It took me a while to come around, but Bitwarden finally convinced me. Both the clients and servers (there are third-party implementations) are open-source and besides the security audit they had some time ago, I also checked some components myself to reassure myself that all outgoing data is in fact encrypted and that the decryption is done client-side.

The only way I can see someone getting to my passwords is by getting malicious code into the browser extension and/or mobile app. That means the only viable attacks are through Mozilla and Google, who I already have to trust for my browser and mobile OS.

1 comment

I, too, resisted the urge to go with a password manager for a long time and finally ended up with Bitwarden. I like that it's OSS and I have the option of running it myself, if necessary. More importantly, I can pay someone to run it for me; hopefully this means they will stick around.

I don't really mind having my passwords hosted somewhere else by someone else. I don't really trust myself to do it properly and I have a lot of other things to worry about. If I ever end up being an "important" person I can always export my passwords and save them locally. Or more likely run my own instance of Bitwarden.

NOTE: Reading through most of the answers here makes me think that everyone is hoarding state secrets or has billions of $$$ in the bank. I just want to log into my airline and check in for my flight, or comment on HN. I'm not trying to keep a state actor at bay.