MPG has long distrusted using the “cloud” for any data storage for a variety of reasons, but namely security (certainly for nude selfies!). It doesn’t matter how conscientious a provider is, because between sophisticated hackers and the NSA and foreign governments, everything can be compromised somehow—including a personal computer, but one single computer is not in general a tempting target for hackers, like a service used by millions.
The unwavering recommendation from MPG is to distrust cloud storage for any sensitive data. Because it is not “if” but “when”.
Any site with millions of users is a huge prize, hence considerable effort is expended to crack into large web sites. This modest web site suffers many times a day probes from hackers, yet it is hardly a prize (nothing sensitive is stored on it). Ditto for any web site.
One more of many incidents
Dropbox was not hacked, but very apropos in terms of password managers and password risks is this Oct 13 2014 news at ArsTechnica which represents just one of many such incidents that occur many times each year. Right or wrong, it speaks t the concerns and risks with major services.
On Friday evening we began a routine server upgrade. Unfortunately, a bug installed this upgrade on several active servers, which brought down the entire service. Your files were always safe, and despite some reports, no hacking or DDOS attack was involved.
The particulars of this case are not relevant; it’s the ongoing risk and commonplace occurrence of this type of issue. Sometimes there has been no hacking, but too often the news reads otherwise.
With 1Password, a high quality master password is key, which protects the vault even if the vault is stolen.
Never use a password for more than one purpose. Use a unique password for each and every web site or service. This is why a password manager is so valuable: strong and obscure passwords unique to each web site that one does not have to type in or memorize.