LastPass was NOT hacked. It has a flaw which would allow for remote code execution or password theft. Big Difference.
I keep a generic-named spreadsheet of my passwords on a flash drive. I've considered using a Pass Word manager to simplify life, but my concern has been
What if someone steals either my laptop- or my desktop- Can they then not have "automatic" access to my password-protected websites? Couldn't that be a problem with, say, banking, brokerage or other financial websites? Or any website for that matter. That is also why I always decline my built-in password manager's (FireFox) offer to keep my passwords. Am I somehow "off-base" in worrying about this?
THEN you post about Last Pass (one of the PW Managers I have seen recommended) being vulnerable...
Put the spreadsheet file into an encrypted zip file. I know in Linux I have the option of making any zip file be encrypted, requiring a password to open. I don't know what windows system you use, but you can test if it will create an encrypted zip file by creating any text file, then right clk and choose to add to a zip file and see if windows also gives you the option to encrypt it. If not, then use a zip file program which will allow that. It's the easiest and quickest way I know to secure files.
there will always be a risk no matter how you save your passwords. just about every major password manager has been hacked or had some flaw at one time or another. I personally use lastpass for years, I believe since almost as long as they have been in existence. I am not too concerned about the current flaw, though I am keeping watch.
as far as someone have automatic access to your sites if they steal your laptop. it depends on your settings. just dont have the password manager automatically start when you open your browser. In addition you can have two factor authentication just to log into the password manager. That is what I do. so if your laptop is stolen, there is absolutely nothing to worry about.