mangodrunk 6 days ago

And if the password manager is compromised, then again everything is lost. I doubt people are indeed using good passwords for it, and does this assume you only use one device that you will always use?

const_cast 5 days ago | parent [-]

> I doubt people are indeed using good passwords for it

I don't, but even if I do, the simple fact remains that remembering one password is easier than 300.

If you have to remember 300 passwords, you're gonna choose 'password1' - 'password300'. Because we're not living hashmaps.

But with one password, I can easily make it even 40 characters and remember it. And anybody can do that.

If you DON'T use a password manager, you don't solve the problem of "everything is lost". Because people just reuse passwords as noted above.

So Experian gets breached, which is WAYYYYY more likely than your encrypted password manager getting breached, and now your bank is also open, and your Gmail, and your IRS.gov. Whoops.

> does this assume you only use one device that you will always use

No, password managers work on all your devices and auto sync. How is it done so securely and without any hiccups? Because they're super simple pieces of software.

You just take the passwords, derive a key from the master password, and encrypt all the passwords. Then dump it in whatever online storage.

I could write a password manager in a couple hours.
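
The derive-a-key-and-encrypt step described in the comment above, as an added example that is not part of the original thread. It uses Node's built-in scrypt and AES-256-GCM; the function names, blob layout, scrypt parameters and sample entries are assumptions chosen for illustration.

```javascript
// Added illustration: names, blob layout and parameters are assumptions.
const { scryptSync, randomBytes, createCipheriv, createDecipheriv } = require('node:crypto');

// scrypt cost (assumed values): N=2^15, r=8 needs about 32 MiB, so raise maxmem.
const KDF = { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };

function deriveKey(masterPassword, salt) {
  // Normalise so the same passphrase typed on another device yields the same key.
  return scryptSync(masterPassword.normalize('NFKC'), salt, 32, KDF);
}

// Returns the blob that would be uploaded to online storage.
function sealVault(masterPassword, entries) {
  const salt = randomBytes(16);  // per-vault, stored in the clear
  const nonce = randomBytes(12); // fresh on every save; never reused under one key
  const cipher = createCipheriv('aes-256-gcm', deriveKey(masterPassword, salt), nonce);
  const body = Buffer.concat([cipher.update(JSON.stringify(entries), 'utf8'), cipher.final()]);
  return {
    v: 1,
    salt: salt.toString('base64'),
    nonce: nonce.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'), // detects tampering and wrong keys
    body: body.toString('base64'),
  };
}

// Returns the entries, or null on a wrong master password or a modified blob.
function openVault(masterPassword, blob) {
  const b64 = (s) => Buffer.from(s, 'base64');
  const key = deriveKey(masterPassword, b64(blob.salt));
  const decipher = createDecipheriv('aes-256-gcm', key, b64(blob.nonce));
  decipher.setAuthTag(b64(blob.tag));
  try {
    const plain = Buffer.concat([decipher.update(b64(blob.body)), decipher.final()]);
    return JSON.parse(plain.toString('utf8'));
  } catch {
    return null; // GCM tag check failed: reject instead of returning garbage
  }
}

// Constructed sample data, not real credentials.
const SAMPLE_ENTRIES = { 'bank.example': 'constructed-pw-1', 'mail.example': 'constructed-pw-2' };
const SAMPLE_MASTER = 'a long constructed master passphrase of forty chars';
const sampleBlob = sealVault(SAMPLE_MASTER, SAMPLE_ENTRIES);
console.log(Object.keys(openVault(SAMPLE_MASTER, sampleBlob)));
```

Only the salt, nonce, tag and ciphertext leave the device, so a breach of the storage provider exposes the vault to offline guessing against the master password at scrypt's cost per guess.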