Cloud Storage
There is no cloud, there is only someone else's computer
Here, the options get murky. Google Drive is obviously the giant in this space. Apple positions itself on privacy, and they do have a better track record than google. However, it's still a for-profit corporation, one policy change away from becoming evil.
Alternatives based in countries with strong privacy laws
Proton and Tuta provide secure emails and cloud storage to go with it. However, their free offerings are paltry. They do provide end-to-end encryption for your stored documents. Their apps are open-source, so the encryption is verifiable.
For those that do not want to spend money, and are willing to sacrifice some convenience for secure cloud storage, another option is to encrypt all files before uploading them to the cloud.
If you happen to use a WebDAV-enabled cloud that you do not own (someone else's Nextcloud server, for example), you can use an app like Cryptomator to do this encryption on your device automatically before uploading.
The ultimate option for cloud storage is to host your own. Nextcloud and Owncloud can be self-hosted, and they provide guides and strong community support for this.
One downside of Nextcloud is that the owner of the instance can access your files, so it's not advised to blindly use a Nextcloud server owned by someone you don't trust. Of course, this is where local encryption and apps like Cryptomator come in handy.
Syncthing is yet another open-source option for cloud storage. Sort of.
Rather than providing a centralised storage space, it merely provides an interface for your devices to exchange files in an encrypted form.
If you have a perpetally-online, high-storage device, syncthing is indistinguishable from any other cloud storage. If you don't, it still is a capable, low-effort tool to help synchronise your files.
However, the lack of self-hosting is a concern in case the main web service ever goes down. Your files would still be safe, though.
Password Manager
Password managers are an interesting phenomenon. We've been advised to use different passwords on different apps so that a password breach at one of them does not affect others. We've also been advised to use complicated passwords. So now we use password managers that help us remember the different complicated passwords, which is itself a single point of failure protected by a password that's easy to remember.
Again, Google and Apple provide password management services, and a data leak (or an evil employee) could compromise your saved passwords. The same is true for nearly any other password management providers.
On the other end of the spectrum is writing down your passwords in a notebook. This has the added advantage of allowing your loved ones to access your passwords in case of emergencies. I do not need to highlight the insecurity with this method, though.
Bitwarden is a provider with open-source server and client software, with some peripheral proprietary modules. The data model here is similar to syncthing, in that none of your data rests on any centralised server - all data is transferred between your devices. It does flow through the centralised server in an encrypted form, but the option to self-host is already available. The only reason you would not choose bitwarden is if you lost access to all your devices and needed to still be able to access a password from, say, a friend's device.
Nextcloud, the self-hostable cloud storage, provides a password manager, imaginatively named Nextcloud Passwords.
A crazy-but-practical solution is to have a private git repository - which could live on github or gitea or wherever you like - and store your passwords on it. Encrypted or not.
Password Store automates this for you. The android app has been discontinued, and may soon disappear from F-Droid. Hopefully someone will fork it.