Unless you think it would be wise to actually create a TXT file that lists all of your logins/usernames/passwords, and post it on a public forum or social media site like FB, you really SHOULD be using a password manager.
For a brief moment (back then), I actually believed that the slight scramble on my middle name from “haviland” to “H@v1LAnd” was quite adequate as a password for any and every website, and that nobody would EVER guess/crack it – right up until the moment that they did (which wasn’t long).
We ALL think we are cleverer than we actually are. In short – GET A PASSWORD MANAGER!
In A What-To/Why-To, NOT a How-To, I mentioned that it isn’t only the howto which is a problem. There are hundreds and thousands of options for passwords managers. All have their places and merits, so I will run through the journey I followed in reaching where I am now. All of the ones mentioned are cross-platform, since I want to be able to help in Getting OFF Microsoft Windows (M$-win) wherever possible.
My initial password manager of choice was LastPass. My current choice is KeePass. (KeePassXC is better in someways, worse in others, and a close 2nd).
I did, in all honesty, TRY to start with KeePass, since I figured if I was going to get a tinhat, I should have it at home, instead of on a cloud site.
The experience (as a complete n00b13) was much like WP51 for DOS. A virtually blank screen with no real clues or prettiness and minimal hints.
LastPass, on the other hand, made it easy and intuitive. It imported a bunch of existing passwords, and reported back just how bad my security actually was. I paid for a 1 year subscription ($12 didn’t seem all that bad – and the extra features were pretty handy while I was learning). I can’t remember why, but it’s behaviour started becoming annoying, and I then looked properly at KeePass and got it to work (mostly) the way I want. Again, in all honesty, LastPass contributed here. I exported/imported all my neatly structured passwords from LastPass into KeePass, and presto – it works like a dream.
If you are struggling, or unsure, start at LastPass (free)…let it help you a bit…convert to KeePass.
Sideline: KeePassXC – the only “limiting factor” for me – is that it doesn’t have range of plugins which are available for KeePass.
This is the start point. We will add 2FA later. (Baby steps for now – we’re still learning)
My preferred setup:
archlinux
debian I haven’t yet figured out the plugin additions on debian via apt