[alpaca128]

> if a company does this, they are essentially killing themselves

...or they have to do it because of the NSA and weirdly 99% of users don't care or don't have the means to do anything about it.

Companies aren't trustworthy, they are bigger targets but also targets with thicker armor.

I just go with the offline route, KeepassXC runs well enough for me and is compatible with phones. I need to handle data sync myself but it's not like I change or add new passwords every day.