After the LastPass screw up, I don't think I can trust any password managers. Even if it is open source, audited by hundreds of experts, there is no guarantee. 2FA on everything sure. But all those secure notes for example leaks.

What is a good solution?

Building Karma - onchain contributor reputation products  /karma

/mantej / Cryptography Engineering at Cash App / Adjunct Professor at NYU / cat daddy 🐈 🐈‍⬛

I have been resisting iCloud keychain, don't even know why but I think you have a pretty good point. Thank you!

I use the iCloud Keychain (ie Apple’s password manager) for password management. Compromising my iCloud account—unique password + MFA access to one of my signed-in devices is a bar I’m comfortable with. 

Regaining trust is hard, but password managers are still better than the alternatives, for most use cases.

Venture Partner at marinventures.com | Security Consultant at horizonslaw.io | Cybersecurity M.S. Candidate at gatech.edu

You could self-host Bitwarden but you'll have to do a lot configuration and you'd inherit all the security risk.

You could use KeePass which is completely offline by design, but there's a big convenience hit especially across devices.

Came here to recommend self hosted Bitwarden. Of course @winstonlaoh covered it already.

All the conveniences of password manager, without central point of failure risk.

As inconvenient as hardware keys are, they’re worth for risks you can’t chance ($$)

Don’t have a good answer to prevent Sim swaps sadly