There are many services out there like LastPass and Firefox' password manager, which store your passwords, and suggest passwords when needed. This means that they are storing passwords in such a way that is reversible. They store passwords and then tell you your passwords, which means that they are not storing passwords with secure algorithms because these secure algorithms are irreversible. Then how are these services safe and secure?
When you use a password manager that locally stores your data, data is encrypted and stored in your device. The type of encryption used in this case is symmetric encryption, which means that the same key is used for both encryption and decryption processes. Your manager's master password is used (after some transformations) as the mentioned symmetric key to encrypt and decrypt your passwords. The general workflow of everyday use of your password manager is as follows:
The answer to the "reversibility" comment is YES. The encryption algorithms must be "reversible" to accomplish their purpose. The "reverse" process to encryption is decryption, in the case of symmetric encryption algorithms, you require the same key for both processes, and in the case of asymmetric encryption algorithms, you need a public key for encryption and a private key for decryption. The Magic of this is that without the correct key, it is unfeasible to decrypt any ciphertext (when appropriate algorithms, parameters, and well-constructed keys are used).
I won't comment on all the concerns and flaws the pass managers' implementations have, especially with regard to browser clients and auto-fill features. But you have to know that they exist and is up to you the use such applications and features. More info here: [[1]]
My final comment is that it is preferred to configure your password managers to be locked by default and only unlock them when needed. This will reduce the attack surface of having your passwords decrypted for a long time.