I do agree that password managers are generally more secure than memorable passwords; however, they also pose the Achilles heel of a system, as one password unlocks all. That is why 2FA tops everything, as even with a weak password, a hacker would need to crack an OTP to gain access, or convince the one holding the 2nd device to unlock the account for them.
However, I do want to contest the claim that all user-friendly passwords are inherently unsafe. The Electronic Frontier Foundation did a Deep Dive on randomly generated passphrases and showed how secure the system is by entropy alone.