“You mean I need a new user account? ANOTHER ONE? UGH!!!”
The Virgin username/password repeater vs. The Chad password manager user
I never understood how password managers make things safer. Doesn't the manager then become a major security vulnerability if it ever gets compromised?
Well yes, which is why using a local one is better than using a SaaS one. KeePass's encrypted databases are not only behind the security of your home network, but can even be locked such that you need a physical security key to unlock them (not that most people really need that).
That said, the primary security improvement that comes from them is password generators. You don't have to know what any of your passwords are, you can make them 64 characters long at no cost to yourself (essentially making short passwords worthless by comparison), and these passwords can be made up entirely of random characters, basically rendering all of the most common cracking/brute force methods useless. Having a memorizable password is an inherent risk that most people allow themselves to get into the habit of doing because they don't see themselves as targets.
And I can host the same password generator on multiple devices?
Yes, there are KeePass programs for all OSs, and all of them can open the same database files with passwords due to being written based on the same standards. All you have to do is copy the database file after making changes.