I was always imagining how bad would it be if an Online based password manager got it's servers and / or database breached, even if they use only hashing + salting for the user's details.
Perhaps I am paranoid but using an offline solution seemed better to me, from the beginning, since before the web based password managers gained trust and popularity.
The traditional offline based Keepass Password Safe can be also 'sent to the cloud' (or at least the kdbx files) via a third parity cloud provider, like Drop Box or similar, ftps cron jobs etc
-Transparent local encryption
-Kee Pass kdbx file locked by master pass-phrase + some file as a key
-kdbx files are always up to date on every device via third parity solution - Drop Box or similar.
Even if the cloud part gets compromised, the local file is still protected.