Vibecoding a password manager might be the worst idea ever. You'd be better off with an encrypted Excel sheet. But otherwise, 1Password is great imo and there are other free open source password managers.

>Vibecoding a password manager might be the worst idea ever.

I mean I'm just spitballing here, but not convinced this is true.

From a formal security theory perspective certainly, but practically...nobody with half an ounce of skill is going to spend their time breaking one individual's custom solution that almost certainly just contains their hn password. That's if you can even get to it - selfhosted password managers are usually on LAN/behind vpn.

Risk profile wise the thing could be a god damn plain text .txt on a LAN network drive and still outperform a Lastpass.com that by definition has a giant hack-me sign on it's back.

The crypto part barely moves the needles here

Actual password managers (eg not my old excel sheet) protect you against url doppelgänger and related phishing attacks, as well as incidentally discourage password reuse. 1Password can even now warn you if you try to paste into the wrong website (https://support.1password.com/browser-autofill-security/)

People mock Excel's encryption, mostly based on the outdated binary format's "encryption" (which admittedly was a joke). Modern Excel is actually legitimately secure, it uses PBKDF2 (5K rounds) to hash the user's password then AES-256 for the actual encryption.

So while Bitwarden is more secure than modern Excel out of the box, neither one is a slouch. You'll definitely spend a lot of compute cracking either one. The weakest part, as always, is the user's password.