Lastpass is the best to use. If you ever format your pc, that is if you don't backup "firefox profile" "chrome" w/e browser you use, you sign into lastpass addon, all your passwords are there for you. Password database is encrypted on your pc before they get sent off to online through SSL.
LastPass is an evolved Host Proof hosted solution, which avoids the stated weakness of vulnerability to XSS as long as you're using the add-on. LastPass strongly believes in using local encryption, and locally created
one way salted hashes to provide you with the best of both worlds for your sensitive information: Complete security, while still providing online accessibility and syncing capabilities. We've accomplished this by using
256-bit AES implemented in C++ and JavaScript (for the website) and exclusively encrypting and decrypting on your local PC. No one at LastPass can ever access your sensitive data. We've taken every step we can think of to ensure your security and privacy.
There was one breech of lastpass, they patched it, but because everything that was encrypted, only most likely weak masterpassworded accounts might, might have been cracked but doubt it, so they suggested for all to just change the masterpassword for weak passworded accounts.
Complete follow up found hereUnlike sony, they were breeched, everything was in plain text.
Edit:
Dropbox is not encrypted, I've heard waula is though. waula same as lastpass, encrypted on your pc before it leaves your pc.
