• Clearwater@lemmy.world
    4 upvotes · 7 hours ago

    If stored in a browser, your passwords become very obvious targets for stealer malware (the stuff that does account takeovers). Using KeePass or other similar software won’t make it impossible for malware to get them, but the likelihood malware will target it is significantly lower.

    Paid services put your passwords in the hands of the service. In the case of a data breach (see LastPass), all your passwords will get out.

    Note: Password manager services should encrypt your data such that a data breach does not instantly pwn every single account of every single customer. However, it is not possible for you as the customer to know until they get breached.

    Note 2: When storing your passwords in the browser, they may also end up stored on Google’s or Mozilla’s (and so on) servers, resulting in the worst of both worlds for security: Passwords are in a well-known location on your PC and a well-known location on the internet.