As far as I know, this will have to be a manual process of enumerating all your accounts, and changing the password for each one using their own reset password mechanism.

I did this when I first started using a password manager and the couple of hours that I put in years ago have paid off over and over again with peace of mind and better security practices.

Does anyone have a recommendation for a good and secure and preferably free password manager?

1Password. Not free but absolutely worth the money.

You have better alternatives: Bitwarden for those looking for a cloud solution, KeePassXC for those who prefer to keep the data under their own control. Plus, they are both free/libre.

I've tried Bitwarden, pass, and KeePassXC in the past. 1Password is by far the most polished. If you consider how big the problem space is (interoperating with every possible broken website out there), support for TouchID/Apple Watch unlock, etc., I think I'll take it over having access to the source I will never read.

It's not about you reading it, it's about ensuring that someone else can do it.

Anyway, I hate to be Cassandra, I just lost count of how many stories I heard of people regretting taking "convenience over freedom" with critical software.

> It's not about you reading it, it's about ensuring that someone else can do it.

I fully agree with you on this one. However being free/libre doesn't mean that that "someone" will actually fix your problem. I've been a software developer/hacker/OSS enthusiast for close to two decades, but I'm mighty tired of 1. software that's impossible for me to fix myself, 2. its authors who don't care enough about my problem.

I've had one minor issue with 1Password and I was blown away with how good their support was. They followed very good OpSec while not appearing intimidating to someone they didn't know wasn't a non-technical user, they solved the problem on the spot, and they gave me a few months free to compensate for the inconvenience. At the same time, I've currently lost track of how many random GitHub issues I'm subscribed to, with some going on unsolved for years.

Being free/libre is just one dimension, orthogonal to other qualities software might have. These other qualities include simplicity/hackability, cost, usability, convenience, support, security, accessibility, respect for your time, ethical/mindful design, and many others. It's OK to choose your own trade-offs.

> I just lost count of how many stories I heard of people regretting taking "convenience over freedom" with critical software.

All online vaults remain available offline; the client allows a full export, including in plain old CSV. Bitwarden has built-in import functionality; or I can write a few lines of code and put it in pass. Worst case scenario, 1Password going fully evil and pushing a silent client update to lock me out? I go offline, restore the app+vault from a backup, and export. It very firmly fits into the category of "problems I can fix myself".

> 2. its authors who don't care enough about my problem.

Have you offered to pay them anything? At least a good fraction of what you pay to the proprietary alternative?

Fair point. I feel like adequately funding free software development is a larger unsolved problem that's a bit beyond the scope of a forum thread.

Anecdotally, I like what the developer of Blink Shell[0] has done. The app is 100% free software[1] under GPL3, so you can easily build it yourself with Xcode, upload to your phone, and use as usual from there, which isn't a big hurdle for the target audience. But I bought it. At the time IIRC it cost 20 bucks on the App Store. I bought it because it was incredibly frictionless to pay the money (Apple is good at that), and it felt good to support the developer of a tool I liked and used.

So it leaves me wondering where the big obstacles are. All other things being equal, I will choose a free/libre solution, but we know things are far from equal.

[0]: https://blink.sh

[1]: https://github.com/blinksh/blink