Not a true greentext but I hope I have captured the spirit of it. (First time I wrote smth like this, don’t be harsh on me. >w<)
proceeds to generate password for each service and forget the master password
just use a password-manager-password password manager for the password manager password
That’s just recommended to emphasize length. If your password is as long as a passphrase it’s likely more secure (harder to remember though).
Also, you don’t need to write it down correctly, if you remember what’s the missing or different or fake bit. And you can write down a few decoy ones next to it. Or have it in two different places. Lots of room for obfuscation along with some good old fashioned physical security on where you store the note. And the backup note off-site, if you’re that kind of person.
Hell, just make some extra decoy ones just for fun and practice.
just make the password a little story you can remember, e,g. “Carl+Lenny:go2a bar&spend$$$”
My strategy for this is to have a second password manager available on a couple old devices, accessed with biometrics (fingerprint in this case), and only the master password saved within it.
I considered saving it within the main manager itself, since I have devices where I can use biometrics rather than password, but that feels like a bad idea.
Has definitely been a life saver
](https://lemmy.dbzer0.com/pictrs/image/2f4ae845-6190-4bef-ac6c-f9614e6c2d02.png){kind=link}