It's about the attack vector though, right? My dad has passwords written in a notebook, but to compromise that you'd need to break into his house & find it.
If the alternative to not using a password manager is password reuse or enumeration (sup3rMan!_gmail), it becomes for attackers even if they're not explicitly targetting you, as they can run patterns against the whole DB against Gmail/Hotmail/Facebook etc
If the alternative to not using a password manager is password reuse or enumeration (sup3rMan!_gmail), it becomes for attackers even if they're not explicitly targetting you, as they can run patterns against the whole DB against Gmail/Hotmail/Facebook etc