by jXCw1N0jtH3 3095 days ago
My approach for anything remotely sensitive, or that could be used to gain access to other accounts, is to generate a LastPass password and to memorize a handful of short "salts" that I add to each sensitive password manually + using 2FA wherever it's available.

Obviously there's no 100% secure approach, but at least this makes me sleep better knowing that if LastPass were compromised, my stored Gmail, bank, PayPal, work, etc. passwords wouldn't work.

1 comments

Thanks for that tip. I was always worried a lost vault could leak all my accounts in one go but with this trick I think I'm confident enough to start using a password manager.