@ALL, I'm trying to determine which is better between having a single point of failure vs controlling all your passwords with some being shared. If a site I were using was hacked, what is the probability that they would OWN me? In other words, knowing every site I have duplicate passwords on and thereby gaining access across the board? So the argument to me is simple: which poses more vulnerability, a password manager with a single point of failure (password) coupled with blindly trusting hackers are not going to start targeting cloud password managers vs having strong but dissimilar passwords across many different sites? Most mainstream sites will not allow you to run dict/DoS attacks on the account level as the account will hit its lockout threshold. The underscoring theme here is that hackers are going after penetrations that yield grand rewards/entire dBs, not single accounts. So unless you're an admin for one of these companies, the probability of account ownership attack is nil to null. Thoughts?
@Alan, 63 character passwords are bordering on absurdity/paranoia and are only successfully making your life more difficult! I'm looking for serious security expertise here, not paranoia. At that point (roughly a 380-bit entropy) the probability of "hacking" your password alone would be pointless as it would take roughly 6 quinquatrigintillion years. Hackers don't use those types of methods in general unless they are targeting you, and I'd highly doubt you are being targeted while still remaining in public. Correct me if I'm wrong, but hackers are going to exploit the easiest vulnerability for the biggest gain. A single password vs dB hack...they will always go with social engineering or sys hack over single user password unless probing has determined it's worth it and easily cascades into a larger reward. I agree with you on the 2FA part - that will dramatically increase security.
A password manager facilitates the use of unique passwords, and because you do not have to remember them, they can be super complex without hassle.
All my passwords are unique and between 64 and 128 characters.
serialband
Your password manager still needs to have a strong password and store strong passwords. They're not mutually exclusive. You'll need a password manager only because you'll have too many strong passwords to remember correctly. I also store some passwords, but some are never stored, but all passwords must be strong passwords.
Thank you for helping me understand the differences and nuances.
Kaitlin C
We highly recommend both. Most of today's password managers, including RoboForm, offer a password generation tool. This is an efficient way to generate strong and unique passwords for every site. Once generated, you can securely store them in the password manager and log into the site with a single click. RoboForm combines both security and convenience. If you're interested in learning more about the features included within our password manager, please visit: https://www.roboform.com/key-features