While one can avail oneself of a password vault, that simply centralizes your vulnerability. Sure, using the same password for everything is a mistake, but there’s an easy fix. It’s called using a salt. Here’s how a salt works: you think of a phrase that you’ll be able to remember easily, such as RedHatSally. As most passwords these days insist on at least one capital letter and one integer and one special character, you can transform this into Redh@tsa11y. Now you’ve got your basic password.

With this basic password you go to your first account (let’s pretend it’s your online bank account). You apply a simple salt to your password. An example would be -1,2. This means you decrement the first character by one and increment the next by two. Then you repeat until you’ve completed your password. This transforms Redh@tsa11y into: Qdg!srz00x.

You store your salt in your phone or on a piece of paper or in a file on your laptop. You can call this entry bank-1,2. Now you go to your next account and use the same password but with a different salt, for example 3,-1. For each account it’s the same password but a different salt, each of which you record in a file somewhere (or in multiple places, to be on the safe side).

Someone would then need to learn (a) your original password, which you don’t write down anywhere because it’s so easy to remember and you’re going to use it all the time and thus keep it fresh in your memory, and then (b) the unique salt for any given account. Even if someone found your phone, your salt file would look like incomprehensible gibberish and without your actual password the salts are useless.

This approach is much less risky than trusting everything to a vault, and doesn’t cost you anything. Sure, it requires a modicum of effort but… isn’t your security worth it?