A long memorable passphrase is pretty good as a master password for a password manager.
Proton
Empowering you to choose a better internet where privacy is the default. Protect yourself online with Proton Mail, Proton VPN, Proton Calendar, Proton Drive. Proton Pass and SimpleLogin.
Proton Mail is the world's largest secure email provider. Swiss, end-to-end encrypted, private, and free.
Proton VPN is the world’s only open-source, publicly audited, unlimited and free VPN. Swiss-based, no-ads, and no-logs.
Proton Calendar is the world's first end-to-end encrypted calendar that allows you to keep your life private.
Proton Drive is a free end-to-end encrypted cloud storage that allows you to securely backup and share your files. It's open source, publicly audited, and Swiss-based.
Proton Pass Proton Pass is a free and open-source password manager which brings a higher level of security with rigorous end-to-end encryption of all data (including usernames, URLs, notes, and more) and email alias support.
SimpleLogin lets you send and receive emails anonymously via easily-generated unique email aliases.
You can login to proton pass (after the first time) with either a PIN for the browser extension, or your fingerprint on mobile (if your phone has a fingerprint reader). You can also make your password memorable but still very long.
I agree with other comments, a long passphrase coupled with a couple of yubikeys would be great. Even more when a separate validation for Pass come to production. Hopefully soon.
Afaik they‘re working on deattach Pass from the other Services, until then I keep BW + Authy as a backup
I'm a little worried about this too... With 1Password, I'm fine with having a master password I can remember, since I know it's only useful to an attacker if they also have access to one of my devices, or know my Secret Key. That means that a targeted, high-effort attack is necessary to get in. Proton Pass just being protected by a single password makes it way easier to run remote attacks.
You can use 2fa with proton as well. I have yubikeys configured for instance.