My strategy is to have a persistent short passphrase that’s within every password I use, and pair it with a silly bastardization of the service I have an account for. So, for example, if my passphrase were hunter2 (lol) and I had an account on Netflix, my password for Netflix might be something like hunter2NutFlex. Because of this, I can manage my own passwords in basic text as “code NutFlex” because the “code” portion is encrypted in my own fucking brain. If Netflix gets hacked, somebody has a password that only works with Netflix, and they’d need my text file as a Rosetta Stone to acquire my other passwords. Not impossible, but who the fuck am I and why would anybody dig that deep to do that to me?
I’m no IT expert, so somebody tell me if this is a stupid and overly vulnerable strategy. I thought I was pretty brilliant for coming up with this and rolling it out several years ago.