I keep hearing 'just use a password manager' as the only tip, but my cousin in IT said that's putting all your eggs in one basket.

He pointed out that if the master password gets compromised or the service has a breach, you could lose access to everything at once, which makes me think we should also talk about having a solid, memorable backup method for your most critical accounts.

4 comments

4 Comments

jana_jones2mo ago

Actually, a good password manager is more like one very strong basket.

the_anthony29d ago

Respectfully, I see it differently. A password manager is still a single point of failure no matter how strong the encryption is. If you forget that master password or lose access to your 2FA device, you're locked out of everything at once. That's not a minor inconvenience, that's a huge problem. I've seen people lose access to important accounts because their master password was stored somewhere they couldn't find anymore. The other thing is that even strong baskets can get broken into if someone really wants to. Spreading your passwords across a few different managers or using a written backup sounds messy but it gives you actual redundancy instead of putting all your trust in one system.

the_claire2mo ago

But what if that one basket gets stolen? Then you've lost everything at once.

spencer_owens582mo ago

Honestly, that "one very strong basket" idea is the whole point. A good password manager uses really strong encryption, so even if the company gets hacked, your actual passwords are still locked away safe. The real risk is forgetting your one master password, which is why you need a solid backup plan for that. Write it down and keep it somewhere safe, like with your important papers. Tbh, using weak, repeated passwords because you're scared of one breach is way more dangerous.