EEPROM Memory management for Hardware Password Manager

Hi all
I am working on a Hardware Password Manager based on SAMD21G18A(Arduino zero).The device will store user credentials (Url/Username/Password combo) for different URLs & retype them when any button is pressed on the device.I will use an OLED to display the Usermname/Password/URL info to the user.Also,the user must be able to enter new credentials/Edit existing credentials via serial terminal/Python GUI.....
I will use a EEPROM(preferably 24LC256 type or higher) to store the user credentials.
I have some queries regarding this part....

  1. Should I keep the crendentials fixed to certain bytes(i.e static length) rather than dynamic length to avoid complexity?
    For ex: url/username/password must have a max length of 32 bytes each. i.e eeprom memory location 0-31(decimal) will be used for url(will be saved in plain ASCII text to get searched easily).Memory location 32-63 will be used for corresponding url's username(saved in some encrypted version) & 64-95 memory location will be used for pasword(encrypted)
    If the length of the credentials will be dynamic,then it will be complex to maintain the eeprom memory location....

Is my approach correct?

  1. How to reuse a free memory location in eeprom?
    For ex: I delete 3x32=96 byte datas(for some random site's crendials) starting EEPROM memory location 128(0x80).

What I want to say,how to keep track of free memory locations?