LOGBOOK

HELP

Quiz Entry - updated: 2026.07.05

What is a password manager, and why does it let you violate "don't write down passwords"?

A password manager is an encrypted vault that stores unique random passwords for every account — you only remember the master password.

How it works:

  • Generates strong random passwords (e.g. R7$mK9!pQz#vW2Nx) per site
  • Stores them encrypted with a key derived from your master password
  • Auto-fills on login → you never type the actual passwords

Why "writing them down" is fine here:

The classic rule "don't write passwords down" assumes a sticky note on your monitor. A password manager is a digital vault with strong encryption (typically AES-256 + PBKDF2/Argon2 key derivation). Even if attackers steal the vault file, they need to brute-force your master password — which takes effectively forever if it's strong.

The master password is everything:

  • Must be very long (passphrase recommended)
  • Must NOT be reused anywhere else
  • Should NOT be written down

Common managers: Bitwarden (open source, free), 1Password, KeePassXC (offline), built-in browser managers (convenient but lock you to that browser).

Tip: Combine with 2FA on the manager itself — even if someone steals your master password, they can't unlock the vault without your second factor.

Go deeper:

From Quiz: INTROL / Password Cracking | Updated: Jul 05, 2026