There seems no easy solution.

Strong passwords are forgotten easily if you don't often use them.

Password managers have a single source of failure. Crack the database password and you're in. Your life is fucked.


I sometimes use obscurity. For example, leave a complex password somewhere but without a username or the site concerned. Someone who might find it knows its a password but has use for it, it could be the password to absolutely anything.