The point of encrypting something that gets decrypted midway by an organization is that there are worse actors than the organization out there. I’m not really scared of Steam abusing my credit card info, but I am afraid of random internet strangers.

Also remember that https doesn’t just protect your data, it also verifies that you’re actually on the website you think you are. The internet is basically unusable without this guarantee, especially on a network you share with others.

So no vetting at all presumably since you didn’t mention it? So how do you know that Dashlane is safer than a password scheme that might be guessed by someone after they’ve already compromised a couple of your passwords?

For someone to work it out, they would have to be targeting you specifically. I would imagine that is not as common as, eg, using a database of leaked passwords to automatically try as many username-password combinations as possible. I don’t think it’s a great pattern either, but it’s probably better than what most people would do to get easy-to-remember passwords. If you string it with other patterns that are easy for you to memorize you could get a password that is decently safe in total.

Don’t complicate it. Use a password manager. I know none of my passwords and that’s how it should be.

A password manager isn’t really any less complicated. You’ve just out-sourced the complexity to someone else. How have you actually vetted your password manager and what’s your backup plan for when they fuck up?

Well, realistically there is a good chance that this will turn out just fine business-wise. They don’t care if they lose some engagement or if the quality goes to shit. It’s all good, as long as it makes some money.

In my opinion, this sort of model should be considered anti-competitive. It has become apparent that these services operate on a model where they offer a service that is too good to be true in order to kill the competition, and then they switch to their actual profitable business plan. If you think about it, peertube is a much more sensible economical model with its federation and p2p streaming. But nobody has ever cared about it because huge tech giants offer hosting & bandwith “for free”. The evil part of youtube is not the ads, its the fact that it allowed us to bypass them long enough for the entire planet to become dependent on it.