I was gonna ask about the biometrics part in a separate question, but its both about security, so might as well combine it in one post.
Okay so I don’t use password managers. I just try to make easy to remember passwords 3-4 random words + 3-4 random numbers. Online accounts can’t be brute forced anyways. Edit: I mean most websites have log in limits don’t they? Maybe I’ve been mistaken?
For offline accounts, I just increase the words and numbers. For mobile I don’t use biometrics, although I’ve been testing whether or not I want a pin + no biometrics or alphanumeric password + biometrics. I just can’t decide.
I used a similar password method myself, but I did find many of my accounts getting hacked still. Unfortunately many online accounts can be brute forced, and using any combination of words and numbers makes for an easy dictionary attack.
I now use a password manager that I trust (1password), and a long hard to remember master password.
I do use biometrics when available, for the ease of use.