For personal use, stop saving passwords in Notepad or Word docs. Tools like Bitwarden or 1Password encrypt your data, making it useless even if a file is somehow leaked.
For Apache, you can add Options -Indexes to your .htaccess file. For Nginx, ensure autoindex is set to off . index of password txt best
Hackers look for lists of usernames and passwords to perform "credential stuffing" attacks on other sites. For personal use, stop saving passwords in Notepad