by RealStickman 2336 days ago
Why one shouldn't use cloud-based services. I'm sticking to keepass. (I'm syncing the keepass file over a cloud, but I still have a local copy on all my devices against cases like these)
5 comments

I'm sorry, what is your justification for not using cloud-based services?

Lastpass (like pretty much all of these online password managers) will work offline, so if the service goes down, you can still access your data locally.

Not the OP and personally less radically against cloud-based services... But storing something as critical as passwords with a SaaS company which is obviously going to be a target of attack and may or may not have the engineering resources to provide a reliable quality of service... seems like a bad idea.

Google (Drive) at least I trust to have the engineering resources to keep data secure, perhaps not from government secret services but at least from random hackers.

They don't really store your passwords, just an encrypted blob that's openable with your master password (more accurately, a key that is derived from it using an expensive operation so that brute-forcing is unfeasible.)

You do need to trust them enough that they will never sniff your master password (AFAIK even the web vault is local only), but e.g. the command-line client is open source, so you can at least verify their protocol.

That said, I might switch to bitwarden at some point purely because it can be self-hosted.
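The design the comment above describes (the service stores only an encrypted blob, and the key that opens it is derived on the device from the master password by a deliberately expensive function) as an added, stand-alone example; this is constructed illustration code, not any password manager's actual implementation, and the key labels, cost parameters and the HMAC-based stream cipher are assumptions chosen to keep it standard-library only:

```python
import hashlib
import hmac
import secrets

# scrypt cost parameters: deliberately expensive so that offline guessing of
# the master password against a leaked blob is slow (constructed values).
SCRYPT_COST = dict(n=2 ** 14, r=8, p=1)


def derive_vault_key(master_password: str, email: str) -> bytes:
    """Key that decrypts the vault. Computed on the device, never sent."""
    return hashlib.scrypt(master_password.encode(), salt=email.lower().encode(),
                          dklen=32, **SCRYPT_COST)


def derive_login_token(vault_key: bytes) -> bytes:
    """What the client sends to log in: a one-way function of the vault key,
    so the server can check a login without ever learning the key itself."""
    return hashlib.sha256(b"login-token" + vault_key).digest()


def _subkey(vault_key: bytes, label: bytes) -> bytes:
    # Separate encryption and authentication keys from the one vault key.
    return hmac.new(vault_key, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode stands in for a real cipher such as AES-GCM.
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt_vault(vault_key: bytes, plaintext: bytes) -> bytes:
    """Returns nonce || ciphertext || tag: all the sync service ever stores."""
    nonce = secrets.token_bytes(16)
    ks = _keystream(_subkey(vault_key, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, ks))
    tag = hmac.new(_subkey(vault_key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt_vault(vault_key: bytes, blob: bytes) -> bytes:
    """Opens a blob on the device; a wrong master password fails the tag check."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(vault_key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong master password or tampered blob")
    ks = _keystream(_subkey(vault_key, b"enc"), nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))
```

Note that the server-side record (login token plus blob) contains neither the master password nor the vault key, which is why a service outage or a breach of the stored blobs still leaves the locally cached vault usable and the contents unreadable without the master password.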

I just don't want to store my passwords in exactly the same way everyone else does. I'm not a high value target, so my threat model is a 3rd party getting screwed / screwing us. Just a little bit of customization should be enough to throw off whatever tools attackers will build to mass harvest.
It depends on what plan you are on. AFAIK, the enterprise plans have key escrow and an option to recover your account if you forgot your password.
I've been wondering why people keep saying this. Do they not understand how password managers work??? LastPass and 1Password both work offline, the cloud is just for sync. Oy.
Does 1pass have a desktop client?
For passwords, fully agree. This is how I make incremental backups of my keepass database (synced via Google Drive), so if I accidentally bork a login in the file, I can go back to a previous version... https://gist.github.com/harryf/d23a1ceda84806a099782558fc317...
I had been on keepass for years. My wife never liked it. Last month, I switched to self-hosted bitwarden, hosted on digital ocean with automatic snapshots. The experience is so much better. Easy password management on multiple devices and now my wife actively uses it. Highly recommend.
A big part of why I use a password manager is so I can easily share passwords between devices and with my wife. While you can do this with a local service, it's a PITA.

All the downsides of online services are mitigated by:

1) Keeping a local backup of your passwords
2) Using a service which only stores encrypted vaults which are decrypted on your device with a locally stored password.

Same, I encrypt my KeePass into a VeraCrypt container and sync with Dropbox; seems fairly secure to me for my use case.