I was gonna ask about the biometrics part in a separate question, but its both about security, so might as well combine it in one post.
Okay so I don’t use password managers. I just try to make easy to remember passwords 3-4 random words + 3-4 random numbers. Online accounts can’t be brute forced anyways. Edit: I mean most websites have log in limits don’t they? Maybe I’ve been mistaken?
For offline accounts, I just increase the words and numbers. For mobile I don’t use biometrics, although I’ve been testing whether or not I want a pin + no biometrics or alphanumeric password + biometrics. I just can’t decide.
Would strongly recommend a password manager. I use bitwarden, you can use self host it or not. If you don’t like bitwarden there are plenty of free options. Random password generation and sync is going to be a better practice than much else I can think of, so I’d encourage you to go for it! 😬