Website name | account name | password | Date last changed | Notes (check qs and additional login info)
Paper is safer imho. I'd love to take him to a password store but he's ipad and integrations are poor. The built in Keystore is fine: he just forgets which ones he's reused. Chrome does good checks if you love Google.
2FA needed. I wish it wasn't SIM/txt but for now it's all I can reliably get him to apart from Apple "check trusted device"
Distinct pw per account is increasingly vital. Seniors have shitloads of risk in their pension banking and related.
The actual question is why haven't we solved authention in a way that would work for most people? Passwords suck. Webauth sucks. Two-factor sucks more than you can ever imagine. There isn't a way to authenticate that wouldn't suck for normal people (apart from password-less one-time sessions but those don't solve most auth problems).
That said, what's wrong with the time-tested way of Post-IT notes? No, it's not secure but it's one of the only ways that actually works with normal non-autistic people. Or like @ggm said above, a paper with login codes attached to their fridge with magnets. It just f*cking works.
He used to manage fine when he could use the same password for everything but alas those days are gone.
Funnily enough I had to hack into his account last week since he was locked out and the only way back in was a phone call to the bank which I was able to make and answer every question required for a reset. It was basically standard name address and date of birth stuff.
Seems to work well for them.