Recent security "updates" counterproductive

Prior to the most recent security “updates” requiring the use of Personal Access Tokens, I was able to set my own memorable password, which meant I did not need to record the password anywhere except in my own head.

With the recent updates, now I must generate a token and then record it somewhere, since it is only displayed one time, which generates additional security risks, as well as added inconvenience.

Surely this could be easily resolved by allowing a user to supply their own “Personal Access Token” (a.k.a a password) of their choosing, a system which worked fine for many years.