I don’t use them. I see this as a putting all eggs in one basket strategy, if my master password was lost, hacked, hosting company shutdown, or for whatever reason refuse to do business with me, my entire life would be screwed.
Instead I use long passwords made of words, and for each site it will be a few letters off. They’re easy for humans to remember because how similar they are, but due how hash works they are equivalent to unique passwords to hackers.
Hashing only works if the website stores their passwords correctly. If a single website you use doesn’t hash passwords correctly, and gets their database leaked, then your passwords will all be leaked. Changing a few characters per site may help a bit, but it shouldn’t be relied on.
Also, if you’re worried about the host shutting down, you should try bitwarden. It’s completely open source, and you can self host it if you want.
Changing even a single letter will completely scramble your password with hash, so for all intents and purpose it is equivalent to a unique password.
Though I do admit it can get a bit tedious, I’ll definitly look into self-hosting, thanks for the recommendation
Password are leaked all the time. You are trusting the website with your password, but won’t trust a password manager.
There are self hosted versions of password managers that solve the issues you described. Just read the comments here, some great recommendations.
No they are not.
Also, KeePassXC is an open-source project that saves your password database (encrypted) in a local file. So no company can stop doing business with you. I then use syncthing to sync the database to all devices without using cloud. An excellent solution for sligthly paranoid people :D