Absolutely a bad idea. There is nothing about this concept that is reliably secure -- and "because we say so" doesn't make it safe. Anyone who trusts an external storage system for all of his or her most vital passwords is taking a huge risk. Spend an hour on the web reading reliable information about security, and you'll see that the ONLY way to go is an open source solution, stored locally.

Fantastic idea

If LastPass had access to your encryption key, we'd agree with you, but the fact is we found a better way that is safe and secure.

It's easy to write things off because you can't be bothered to look at the details. If you looked at the details you'd see that your sensitive data is encrypted locally with a key that isn't sent to LastPass. You'd see that you can verify that is the case because we use standard encryption algorithms where you can reverse the encryption yourself.

The website (https://lastpass.com/) is 100% open source. You can verify it completely, you can see that the plugin sends the exact same data back and forth. Will that satisfy you?

The Firefox plugin can be run in a non-binary mode (see the LastPass.com download page) where you can read (but not use for your own purposes) the source code (it's slower because it's not using our binary encrypt speed-ups). You can verify that it sends the same data back and forth, you can even see where we run the binary portions and see we only pass data to be encrypted and decrypted to them. Will that satisfy you?

The reality is that host proof hosting is a very legitimate and recognized way to implement an online password manager (see Wikipedia for an explanation), and you're clinging to ideas that were once true, but technology has advanced past your knowledge.
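
A sketch of the host-proof model the reply describes, where data is encrypted locally and only ciphertext is uploaded. This is an added example, not LastPass's code: PBKDF2-SHA256, the iteration count, AES-256-GCM, the record layout and every function name are assumptions made for illustration.

```javascript
const crypto = require('crypto');

const ITERATIONS = 100000; // assumed work factor for this sketch

// Client side: derive the vault key from the master password. It never leaves the client.
function deriveKey(masterPassword, salt) {
  return crypto.pbkdf2Sync(masterPassword, salt, ITERATIONS, 32, 'sha256');
}

// Client side: encrypt the vault and build the only record the server receives.
function sealVault(masterPassword, vault) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const key = deriveKey(masterPassword, salt);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(JSON.stringify(vault), 'utf8'), cipher.final()]);
  return {
    salt: salt.toString('base64'),
    iv: iv.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'),
    ciphertext: ct.toString('base64'),
  };
}

// Client side: re-derive the key and decrypt. A wrong password or a record
// modified in storage fails the GCM tag check and throws.
function openVault(masterPassword, record) {
  const key = deriveKey(masterPassword, Buffer.from(record.salt, 'base64'));
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(record.iv, 'base64'));
  decipher.setAuthTag(Buffer.from(record.tag, 'base64'));
  const pt = Buffer.concat([decipher.update(Buffer.from(record.ciphertext, 'base64')), decipher.final()]);
  return JSON.parse(pt.toString('utf8'));
}

// Traffic review check: does the uploaded record contain the password or the
// base64-encoded key? (Only these two encodings are checked in this sketch.)
function recordLeaksSecret(masterPassword, record) {
  const key = deriveKey(masterPassword, Buffer.from(record.salt, 'base64'));
  const wire = JSON.stringify(record);
  return wire.includes(masterPassword) || wire.includes(key.toString('base64'));
}
```

Whether a given product actually behaves this way can only be established by inspecting what its client sends, which is the verification step both posts are arguing about.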