Who TF isn’t using a password manager in 2025? Like how would you even function?

EDIT: Y’all need to stop replying with your password generation strategies. JFC it’s like you’re asking someone to pwn your shit.

My employer, a fortune 500, blocks password managers and all other add-ons.

Has to be 16 characters

So long as I can use more than that, I won't complain. I don't remember the service, but I definitely remember one where they wouldn't allow over a certain amount of characters and that was annoying because that was when I was still using repeat passwords back in highschool. My preferred password at the time was roughly 20 characters, but apparently that was too much because who cares about security, am I right?

My employer, a 12 people big company, nowhere near any fortune list, mandates the use of 1password for all company related accounts.

I use modified “HorseBatteryStaple” style passwords. I have a couple base phrases that I always remember, with special characters and numbers inserted. I modify them bit by bit for different sites, and keep a list of the changes - only the changes. Anyone who looks at the list would see random words, numbers, or symbols without context; only I know how it all fits together.

For example, let’s pretend HorseBatteryStaple1! Is my default password. I may have “cell phone, machine 5” on the list. That would mean the password for my cell phone’s payment website modifies the default password by changing one of the words in HorseBatteryStaple to “machine” and the number 1 to 5.

I know password managers exist, but I like to try to remember my own passwords. Especially since I may need them across different devices, including my work laptop that I can’t download new programs onto.

Ah but you see there's the problem, you don't have a committee to launch a working group that puts together investigative teams to research and write reports on the benefit of the solution, the ROI of the solution, the training costs of the solution, stakeholder buy in of the solution, and potential alternatives to the solution. You need at least a 10 month process before one jackass says they don't want the solution so the committee can recommend to management that the solution be abandoned.

Caution, reusing parts of your passwords like that significantly reduces the effective entropy.

If someone finds HorseBatteryStaple1! in a plaintext leak, then they only need to guess one word and one number to get your phone password (assuming they know your format or use a matching heuristic).

For everybody commenting on passwords manager, I've been using one for years now and I feel this so bad. My company has a password policy of changing the LAPTOP's password every 8 weeks and you can't reuse any of the last 10 passwords used. I hate it because I can't use a password manager to unlock my laptop and I'm so used to password managers by now that it's getting really hard to come up with new passwords that follow the stupid requirements and even worse remembering them. I'm veeeery close to just start noting them down in a notebook by my machine and then send a picture to our security guy to show him where he has gotten us all to

!!! PASSWORD TOO WEAK !!! - your password must contains upper and lowercase characters, digits and symbols except not a hyphen for some fucking reason,, and no characters you've ever used in past passwords and no digits that are in your postal code, data of birth, or shoe size. Zalgo text is acceptable.

Quick question friends:

If I'm already using bitwarden and decide to switch to self-hosting it; can I import my usernames and such?

I would most likely change all the passwords, but being able to migrate the websites (with corresponding username) would be kinda nice

I can remember like 5 passwords. My computer password, my work computer password, my trash everything password and my password vault password. I know that's only 4, but I still remember my last vault password, so that one counts twice

Everything else is some random shit that I bitch about entering manually when pasting doesn't work.

It's even worse when they have a limit and don't enforce it consistently. I had to submit a bug report to my bank because I made a 24 character password at account creation but the login page only allowed 16 characters.

Use a password manager. Problem solved.

and my password vault password

Use a password manager

Lol

Ok fair I didn't read that far. Still, I think my point is valid, at least a little

Write a script that sets the password to 10 different passwords, then back to your original password.

What is the best move?

Yes you can. https://bitwarden.com/help/migration/#tab-cloud-to-self-hosted-52Q80N79LCU2kkRJpuPKMy