Ask HN: are pwd managers more secure?

If you want to keep the paper form and also have the ability to securely generate new passwords:

Buy a cheap, widely, available book (maybe two or three of the same), start at a random page and use the first letters/sentences in this book as your new password. To make it even more secure, I would suggest you add a "standard" to every password you have created ... like "SuperSecurePa##".

So for example: You have bought a book and like to add a new password ... you might start at page one, where the sentence would be: "Once upon a time, there were two developers ..." => this will become your password: "Ouat,twtdSuperSecurePa##"

Even more secure password (due to the size): "Onceuponatime,thereweretwodevelopersSuperSecurePa##"

You can level this up by: - Your chosen appendix has even more "secure" chars, like #*+?="§%&/() (you know what I mean) - You prepend and append your new password with your "common" pass (here "SuperSecurePa##") ... or maybe prepend with a different common pass??

- Convenience: I only have to remember one password and I get the comfort of a digital database (as opposed to, paper).

- The passwords I have on websites can have higher entropy and be longer than I could ever remember or type, making them possibly harder to decipher in case of a breach on any website.

- Password managers are all about security while many websites are not (at least not as their primary purpose). Password managers are probably better at it.

- If a (good) password manager is set up to sync passwords via a server or your machine somehow gets compromised, the password database should still be encrypted via a master password.

It's more of a pain to use than web password managers, but less than a piece of paper. I'd still recommend writing down the master password, since if you lose it you're screwed.

I had to change all the passwords immediately because of this. Even if i have 1Password on the lost phone, i don't see how anyone could get inside of it