Comment Re:Surprise (Score 2) 114
The problem is that you can't hide things from the service provider with nothing but a browser. You need an addon or such to do secure crypto. You need to decrypt the password database locally, in-browser, and without an addon that means using JS crypto, which isn't ideal. Your mailing example is very different, since it doesn't matter if the service provider knows the address and financials, they're the intended recipient of the info! With a password manager, you don't want the service to be able to learn the contents of the encrypted database. That means the encryption/decryption must be done client-side.
That said, it's perfectly possible to store the encrypted database on the internet. A local encryption/decryption program (like Keepass) works just fine, and if combined with a cloud storage client that also does local encryption/decryption (Wuala, Spideroak, etc) it should be quite secure.
That said, it's perfectly possible to store the encrypted database on the internet. A local encryption/decryption program (like Keepass) works just fine, and if combined with a cloud storage client that also does local encryption/decryption (Wuala, Spideroak, etc) it should be quite secure.