After the LastPass screw up, I don't think I can trust any password managers. Even if it is open source, audited by hundreds of experts, there is no guarantee. 2FA on everything sure. But all those secure notes for example leaks.

What is a good solution?

Building Karma - onchain contributor reputation products  /karma

I use the iCloud Keychain (ie Apple’s password manager) for password management. Compromising my iCloud account—unique password + MFA access to one of my signed-in devices is a bar I’m comfortable with. 

Regaining trust is hard, but password managers are still better than the alternatives, for most use cases.

/mantej / Cryptography Engineering at Cash App / Adjunct Professor at NYU / cat daddy 🐈 🐈‍⬛

I have been resisting iCloud keychain, don't even know why but I think you have a pretty good point. Thank you!