Use a secure “password manager app” to store passwords. Do not store passwords to websites in an unencrypted file system. In other words, do not store any sensitive data like usernames and passwords, in a Word doc (*.doc, *.docx, etc.); WordPad (*.rtf); Notepad (*.txt); and so on. These filesystems store data in plain text and cannot scramble (encrypt) the data.
When data is stored in plain text anyone or anything can search and read the contents of the file. This means that if you store sensitive data in them and a malicious person finds these files, they can use it to change your passwords and other information like contact email, phone number and so on, without your knowledge. You are better off using handwritten credentials stored in a secure, locked safe than using these filesystems. (With the exception of the websites than require 2-step verification before changing any information.)
If this handwritten method is impractical for you, I suggest using an OFFLINE “password manager app” which encrypts your usernames & passwords such that a computer cannot easily decrypt them. Cloud-based “password manager apps” are more vulnerable, in my opinion, than using an offline version.
For example, if the “password manager app” company has a database security breach that exposes their data and the black hat hacker manages to decrypt the information (data), then all their clientele’s sensitive data are exposed. However, a responsible, cyber security-conscious, cloud-based “password manager app” company will provide 256-bit encryption as part of their online service and constantly maintain their data center security parameters.
256-bit encryption (marketed as “Military-grade encryption”) involves scrambling the data into a key (a random string of characters) that will take 2^256 combinations for computers to decrypt, which would be extremely difficult to achieve. In other words, you have better odds at winning the top jackpot of a major lottery like the PowerBall*
Here are some recommended** FREE OFFLINE Password Manager Apps. Everyone’s needs are different; try them as they fit your needs:
- KeePass Password Safe Portable: Link
- LastPass Password Manager for iPhone:Link
- Password Safe: Link
- 2 Password: Link
- Password Agent Lite: Link
Conclusion: No method of password storage is 100% secure but being smart about your sensitive data helps minimize the risks.