Well... It all started one rainy afternoon.
Not really, it all started when I realized I was paying $50 a year to save my passwords that I could never remember. So I decided to build my own password manager. One that is secure and will never try to make money off of people's need for security.
When I began this process, I made some decisions up front that would most certainly affect the ease-of-use of this service. I made these decisions knowing full well that people may choose to use something else, because these decisions make it harder to work with, and less "user-friendly". I made these decisions based on security and that's it. I did not want to compromise the security of this service. I knew going in that remaining as a web-service only (i.e. only in browsers), was the safest way. I knew that I never ever wanted to see the passphrase used for encryption. And I knew I wanted to make this the absolute safest rock solid service available today. If you look at the Features page, in the "Never Gonna Happen" section, you'll see the gist of these decisions. In the next few paragraphs I'm going to try to explain in the simplest of terms, why.
Never Gonna Happen -> Backdoor. I don't care who you are, or for what reason you might think this is a good idea, it's not going to happen. As Apple has shown in the San Bernardino case, this would just open a can of worms.
Never Gonna Happen -> Store Passphrase. I understand this is a very touchy issue. If you ever mistype your encryption passphrase, you will have to enter it exactly as you mistyped it. This sucks. But if I were to build a way to recover your data, well we're talking about the "Backdoor" section above. And it is never gonna happen. Sorry. However, what may happen is nightly backups, that you could restore, this data would still be encrypted using the correct passphrase, and you'd be right as rain, except maybe missing a row or two.
Never Gonna Happen -> Add-ons/Browser Extensions. Well folks, LastPass ruined this one for us. Sorry. Unless browsers get a clue and start creating a non-spoofable way to incorporate a browser extension, this feature is out of the question. It's for the best.
This has been a long journey folks, and I will be making changes all the time. I will be constantly monitoring/testing the security of this service and trying to make it as "user-friendly" as I can, while maintaining the utmost security.
Thanks for reading this far! You're my hero!