I don't understand why people prefer to store their passwords in the cloud. Even if they are encrypted on the wire, and encrypted on the disk. The moment a discovery is made that makes that encryption algorithm "broken", is the moment your passwords and logins are at risk to someone you don't control.

Passwords should be encrypted locally, and stored locally. If AES-256 is really just a Caesar cipher on drugs, and is broken tomorrow, I won't need to scramble getting my passwords reset. For those relying on LastPass however....

I'm curious to see the community's reaction to these observations about LastPass and also hear what alternatives people use (KeePass and variants, 1Password, pass, pwsafe, etc.).

That looks nearly a year old, the post isn't timestamped but the dates from the emails are from September 2012.