by speedgoose 1403 days ago
It’s still better than using the same few passwords everywhere or having a system with the site name. Because you need only one website vulnerability, which is quite common, to compromise your passwords. It’s better to have a single unlikely point of failure than many guaranteed points of failure in my opinion.

Chrome has a password manager but the key is stored for you, which is less secure because it’s not using an HSM (hardware security module) as far as I know.

1 comments

Your single point will be compromised. Someone gets access to your system they now have access to all of your passwords. Your password manager is hacked. Your device dies. Putting your eggs in one basket feels like a smart thing until you lose that basket.

I agree it’s not perfect but what is your better solution? My email and some passwords have been collected at least 8 times according to https://haveibeenpwned.com/

A password manager with multiple factor authentication sounds better to me.

The different email address per service approach fixes that issue and provides additional privacy when your data is sold to bulk data resellers.

My password manager can only decrypt my passwords via my yubikey. What now?