> What are the benefits of using a "real" password manager, such as this one, compared to a plain encrypted file in vim?
• You get a proper password generator out of the box.
• Vim's encryption is awful: The current default method is documented to be feasible brute-forceable on a Pentium 133 MHz, and the optional "strong" setting is Blowfish (with an undocumented key-derivation function which is presumably awful as well), which Schneier wanted to have phased out 10 years ago – and by now we're seeing an increasing amount of successful attacks. Do not use VimCrypt if you want your data safe. (If you happen to have GPG set up on all your devices anyway, it can be a decent alternative.)
• Never underestimate convenience when it comes to security. Anything that makes it harder for someone to use their password manager increases the risk of password reuse.
• You get a proper password generator out of the box.
• Vim's encryption is awful: The current default method is documented to be feasible brute-forceable on a Pentium 133 MHz, and the optional "strong" setting is Blowfish (with an undocumented key-derivation function which is presumably awful as well), which Schneier wanted to have phased out 10 years ago – and by now we're seeing an increasing amount of successful attacks. Do not use VimCrypt if you want your data safe. (If you happen to have GPG set up on all your devices anyway, it can be a decent alternative.)
• Never underestimate convenience when it comes to security. Anything that makes it harder for someone to use their password manager increases the risk of password reuse.