Bitwarden here, but I actually self-host vaultwarden, which is a back-end server for Bitwarden which you can self host. Much better to keep that sort of thing in your own hands. It reduces your 'attack surface' massively. Your passwords don't need to be online at all - it actually works really well set up on a Raspberry Pi, then when I'm at home, it'll sync because it's available on my local network with no remote access. I can still access passwords on my phone while out and about, which is handy as the vault syncs down to your phone.