Went to go get this pixelfed thing started, saw it would let me log in via mastodon. Sweet.gif, alas, can’t remember my password, and I’m getting nothing on reset email. I’ve done, presumably, everything possible that has been posted as a solution. Plaise halp!
They’re secure. Absolutely more secure than going without. I know a total of about two passwords, which are used in only two places.
The rest of my passwords look like PaB@@f%G4q77Mh#EsL%DG@
Keepass uses a file you keep on your own computer, encrypted, with two passwords. One password (a keyfile) is stored on your disk. The other you remember. With that much security, you can give someone your password database and it’s unlikely they’ll ever open it. If you’re ultra paranoid, you use keepass.
Bitwarden is more convenient, more user friendly, and stored in the cloud. It’s open source and audited. If someone breached Bitwarden, it’d be huge news.
Not having a password manager, besides being a huge pita, is more of a security risk. I bet you use the same password on different sites, maybe with a variation based on the domain name. You likely often have trouble remembering passwords, and might try several passwords if your first try fails. All this is information you could be giving away if the site is compromised.
I never forget a username or password anymore. If the site tells me I’m wrong, I know it’s them and not me.
Plus Passkeys are pretty great and are starting to be supported.