by pornel 1931 days ago
For the average user they are. They allow humans to use long passwords without reuse. They're resistant to phishing. Online sync is necessary for multiple devices.

It's just LastPass that's uniquely bad. I don't understand how they are still in business. Their security track record is a series of embarrassments. Their UX is poor. Their browser extensions slow down the whole browser. And apparently their privacy is also suspicious.

But OTOH Firefox Lockwise/Sync is client-side encrypted, and the server just holds an opaque data blob for you.

3 comments

> I don't understand how they are still in business.

For products this critical, that handle a relatively large amount of per-user data, inertia is massive. Once you get used to it, the thought of moving tens or hundreds of items to another service is daunting, for the average nontechnical user. (Yes, I know it's just "export this, import that", but for nontechies even the first step can be scary - "what is this thing I get? Am I deleting stuff? Where do I save it? Is this the right format? ..." etc etc). They had a couple of wobbles, "so what? Everyone gets hacked, even Facebook".

I moved to Bitwarden years ago but I know I'm niche.

> I don't understand how they are still in business.

Dunno. UX was okay, it was easy to use. They were very responsive in fixing security bugs (you can't blame them for having a security bug, but you can if they ignore it. Otherwise you should start by ditching your favourite OS).

Former LastPass user.

I will say, though, as someone who just switched, 1Password is significantly nicer.

> But OTOH Firefox Lockwise/Sync is client-side encrypted, and the server just holds an opaque data blob for you.

Back when I used LastPass that's also how they handled it (you can read through their open source command line client to see how it's implemented under the hood, it's fairly straightforward).

I agree that its UI was pretty clunky though.