Information security is nearly always about trade-offs and this is no exception.
What you give:
- a single point of failure (one complex password you memorize that locally unlocks a DB of credentials that is stored encrypted in the cloud).
What you get:
- all passwords are unique and complex (assuming you use a password generator, which all these tools have built-in)
- the convenience of having all your passwords ready for use on any of your devices
- the convenience of auto-fill
- the convenience of being able to share logins, e.g. with a spouse or across your organization.
- the convenience of being able to also store, share, and auto-fill secrets besides logins (identities, credit cards, free-text notes).
Been using a password manager for 15+ years and I have never suffered fallout from the single-point-of-failure trade-off, only benefits from the power and convenience I got as a result.