Great answers by others. Summarized:
– **Separate passwords for each and every account.** So when one gets compromised, that’s the only one. (Lots of people reuse passwords, and don’t notice when an account they last used 6 years ago gets compromised, so they don’t know that all their other current accounts are compromised too.)
– **Long, complex passwords** – extraordinarily hard to brute force and not likely to be in a rainbow table. You don’t ever have to remember them or type them in, and you don’t have to make them up, because the password manager handles all that for you.
– **Pure secret passwords.** Because you didn’t make the passwords, you didn’t memorize them, and you don’t type them, they couldn’t even be tortured out of you. Which means you also can’t reveal them while drunk, or sleeptalking, or whatever.
– **Securely encrypted** using the latest state-of-the-art encryption so even if someone gets a copy of your password vault, they can’t get in without your key.
– **The key is key.** Of course, you need a good lengthy memorable key phrase, many words, ideally not a common phrase, and with a personal twist or additions. But it’s relatively easy to make one of those that’s 12+ words plus numbers or whatever, and which you will always remember. The key is also useless without the vault – someone needs access to both to use it.
Drawbacks:
– **Single store.** If *you* lose access to the vault, you lose access to all your accounts. Therefore, you must keep backups, preferably in multiple locations.
– **Key required.** If you forget the key, you lose access to all your accounts. Therefore, you need to make it memorable. Maybe write it and put it in a secure physical location just in case, but don’t label it, so that anyone who finds it won’t know to look for the vault.