I never said that they should be hashed, just that they aren't. Just subtly pointing out what the tradeoffs are if you choose to use a password manager whose storage/access is basically always available.

At least with Keepass it's locked in an encrypted store and only available exactly when I need it to be. I can take other precautions if I want when I want to access it.

With your browser's password manager you're stuck with the slop you were given.

So are you typing your password every single time you want to unlock that store? If not, where's the master password stored? I know Keychain does something advanced with the enclave.