Comment Re:Memorizing site-unique passwords isn't possible (Score 1) 267
For someone who does want an online identity, password management software is by far the best option for anyone with a moderately valuable one. Of course there isn't a perfect solution, but it would be wronger than wrong to suggest that since there are ways to subvert password management software, then it's no better than memorization. A good camera angle or keylogger will steal your memorized passwords as you type them just as easily as it will from a password manager. Easier, in many cases. And your "single point of failure" argument is weakened by the fact that even a moderate password locking a database of one of the popular password managers would be resistant to years of offline attack. I mean, sure, the lack of convenience is an argument against using a password manager, but it's also an argument against wearing a seatbelt. It's needlessly risky to type a memorized password into a site where you have no visibility on what they're doing with it, what security they have in place to detect breaches, or even if they'd notify you when your credentials were stolen. Monitoring your credit report is a valuable part of a defense in depth but not as an alternative to good password practices.