• 15 years ago the common logic was the most likely way for a password to get stolen is by writing it down and leaving it in an accessible spot, and somebody stealing the password there.

    I don’t think that logic holds anymore, and with the LastPass breach I think that’s proof you want to step away from the cloud not towards it. Imo the most secure way to store passwords is to generate multiple random codes, use a portion of each and then just write those down.

    • You can also use a password manager that’s not connected to a cloud. Or an encrypted usb stick. The problem with writing it on paper is, that people tend to use too short passwords or repeated passphrases. Using a really long master key and a key file with an encrypted database is safer than a cloud.