If you only have the password to your password manager, how do you log on to your computer?
Honest question since I want a solution to that problem. I want separate credentials for my home and office computer so even though I use a password manager I have like 3-4 sensitive passwords I have to keep in my head.
My laptop has a fingerprint sensor that I use. There is a backup password but I don't know what it is but I do have it in my password manager that I can access from my phone.
My office computer has a relatively weak password because there's nothing on it that is personally sensitive. They force a password change every three months so I added a counter to the password and just increment that each time (pa$$1word, pa$$2word, pa$$3word, etc...).
I might be wrong, but I believe a fingerprint is equivalent to around 80 bits of entropy which is roughly the strength of a good 13 character password.
A determined adversary can do things like lift a fingerprint from elsewhere and use that, but it's not really something I worry about too much. They could also arrest me and press my finger down on the sensor or beat me and I'll tell them every password I can.
I mostly worry about having strong credentials to remote systems.
Honest question since I want a solution to that problem. I want separate credentials for my home and office computer so even though I use a password manager I have like 3-4 sensitive passwords I have to keep in my head.