3- Writing down your password rather than saving them on your computer is a better idea. I have a small notebook which I keep my passwords.
I also have a word document which I save some of my private keys, it is a locked document - not so safe I know...
This is still a very bad method to be honest because once the document file that has your private key has been bypassed your coins will be vulnerable to the hacker.
It’s best not to associate your private key or secret phrase with your computer or online and that includes saving them in a notepad or Microsoft Word.
KYC issue: I prefer not to do KYC for airdrops or bounties. If their database gets hacked, your passport can end up in Dark web. For exchanges, I always try to use my Driving License instead of my passport for KYC (some of them only accepts passport :/ )
Even for reputable services it’s still difficult for some users to complete kyc due to the fear of their privacy being compromised and you’re telling me that there are bounties out there that are actually requesting users to complete KYC that’s pretty stupid if anyone performs such a thing except they are willing to risk their privacy for the little money that comes with the airdrop and with the way airdrops are being done nowadays it takes time to come across an airdrop that pays good amount.
As for the license or passport I don’t really see any difference there, as long as they can be used maliciously to affect the owner and that’s what the hacker is after.