Recently, it’s come to light that password managers may not be as secure as they could be. After reading through the analysis, it becomes apparent that they’re still better than using the same password for everything, or storing passwords in a plain text file on your computer! Additionally there are databases on the internet filled with known pwned passwords.
In an attempt to combat these issues, I have been using keepass for ages now to store all of my passwords, and have found it to be very useful in keeping my life online secure.
It stores all my passwords in an encrypted file, and allows me to have a unique, strong >20 character length, password for each and every website/application.
Yes, there are downsides.
If it is compromised, then that’s all my passwords exposed in one place, so it’s important that the password securing the password vault is secure, and 2 factor authentication is also available. (As passwords alone are not that secure).
Also, if I forget my master password, I’m then locked out of all my passwords.
Ultimately, using a password manager to store unique strong passwords for every website is much easier than trying to remember a unique strong password for every website which requires a password!