KeePass

It's secure. The kdbx file is encrypted via AES (by default), which is an encryption standard that has been heavily reviewed by encryption specialists around the world. The biggest security risk is you using a short/weak/guessable password, or as noted in xkcd #538 , you are the weakest link in the chain. More on reddit.com

KeePassXC is a cross platform fork of KeePass, but for all intents and purposes, they're extremely similar Personal bias: I've been using KeePass since about 2015 KeePass is truly offline so there's no online web facing front end for an attacker to use If someone managed to get my KeePass password, they'd still have to get my KeePass database file before they could do anything with it Compare that to LastPass, hosted Bitwarden or 1Password where all of them are online, so if an attacker got your email and password, they're in My other favourite KeePass feature is the auto type sequences that you can program, so if a site requires a string here, then a tab, then the password, then another tab then enter, you can make KeePass do that for you KeePassXC also has support for TOTP so it can generate one time passcodes for you I'd advise against using this feature because it defeats the purpose of MFA Other great features of KeePass include It's fully open source so it can be audited It's been audited many times without any glaring issues found You can add entropy to the database to help slow brute force attacks down to become almost impossible You maintain full control of your database so you know exactly where it is and you have full say on where it goes If you have an Android phone then I highly recommend KeePass2Android as it's also open source and utilises the system auto fill, which makes logging into stuff on your phone really easy As for syncing your KeePass DB across multiple devices, there's lots of options You can do private syncing with Syncthing or you can keep a copy in your Google Drive, Dropbox, etc It has my vote - the only other option I'd consider moving to is self hosted Bitwarden, but it's more effort to run compared to looking after 1 single file More on reddit.com

What would happen to the database file if the computer were to get a virus that encrypts all files? Well, it would be encrypted without you having the key, and you would be locked out of it, just like the other files in a ransomware attack. Then, even if you paid the ransom, you might, or you might not, recover your database and access it. That's the reason you should make multiple daily backups of all your computer. But that's unconnected to Kee Pass. It's a general rule. Is KeePass really safe? Even from skilled hackers like Anonymous? Yes. Provided, as always, you use it following good security practices. If you use a short and easily guessed password, for instance, even unskilled hackers would be able to get into it. There is no magical tool which will give you security just by being there. You need to do your part of the job. More on reddit.com

I sometimes dump my BW passwords into KeePassXC, as backup. I use keyfile, so I can store my KeePassXC database in a cloud. + I also print the database (as file, not as a list of passwords!) in Base64 converted txt format, and send to my mother by post. Encode: base64 test.kdbx > test.kdbx.txt Here is one such file https://pastebin.com/raw/S8ZBXXkn .  It is a kdbx file with "password" as password converted into Base64 as txt file.  You can print it. To convert back (from paper using OCR) you just execute: Decode: base64 -d test.kdbx.txt > test.kdbx More on reddit.com