by wokwokwok 1279 days ago
What on earth are you talking about?

There is no universe in which having a local encrypted key vault that is not online and not synced to the cloud is less secure than having a cloud synced version of the same thing.

There is literally no way that can possibly be less secure.

So if your argument is that the convenience of it makes it more secure … I don’t know what to say except:

you’re wrong.

> Not only do these services provide better convenience, they make you more secure!

Nope.

> By the way, getting hacked in the password manager does not mean all your passwords leaked.

Nope. That’s not what it means. It means your encrypted vault was leaked, which includes your passwords, if they bother to crack it.

> which I'd argue is a reasonable trade-off.

Well, at least it’s fair to say you saved that as an opinion; fair. Other people probably agree that the security risk of using an online password vault is worth the convenience of using it.

Fair.

…but, fundamentally less secure.

Anyone who chooses to manage their own passwords, offline, is choosing a more secure, less convenient alternative.

I think that’s fair too; and, given the number of hacks to LastPass, Okta, etc… not, perhaps, terrible advice.

You don’t need cloud synced passwords.

You just want that, because it’s easy.

2 comments

You could get robbed of your physical key. Simpler than an actual burglar. However, they could not even do an autopsy of your brain to recover your cloud keys.

I don't feel too strongly about this, just replying since you were being an absolutist.

If they can rob you they can also use the $5 wrench attack to force you to give up your cloud password manager master password. So even in that case having a local vault is at least as secure as a cloud vault.

https://xkcd.com/538/

What I like the most is offline relative to the Internet but online when it comes to my LAN and when I want to. Like 1Password in the good old days.