• @[email protected]
    link
    fedilink
    English
    244 months ago

    A friend has a notebook next to her computer with all her passwords in it. Initially I was horrified - what if you’re burgled? - but actually it’s genius. Much more secure than letting a browser remember them, and she doesn’t even need to memorise a Bitwarden password.

    • Captain Aggravated
      link
      fedilink
      English
      334 months ago

      In a household it’s probably not that bad. There aren’t many people breaking into homes looking for account details.

      I’ve had my identity stolen several times, and every single time it was stolen from a Fortune 500 company.

    • @[email protected]
      link
      fedilink
      English
      174 months ago

      I just make all of my passwords password123 then I don’t have to worry about memorizing them

    • @[email protected]
      link
      fedilink
      English
      134 months ago

      Just add the same memorized bit to the end. Something simple like “123” would work. Even if the book is stolen it won’t do them any good.

    • @[email protected]
      link
      fedilink
      English
      84 months ago

      It’s a primitive password manager, primitive because unencrypted and not integrated into your devices, but far better than not having a password manager.

    • @[email protected]
      link
      fedilink
      English
      84 months ago

      My mom told me that she was made fun of for having a book of hand written account credentials related to running her business (6 people total). I told her it was the best way to do it that wasn’t massively overcomplicated for her situation and to keep it up. The only recommendation I made is that she use different long passwords for every site since she’s already not memorizing them.

      Personally I’m not convinced this isn’t the best way unless you’re being targeted by physical bad actors

      • JackbyDev
        link
        fedilink
        English
        44 months ago

        Where is this book? In the office? I’d say that’s absolutely horrible. If it’s at home I think that’s more okay.

            • @[email protected]
              link
              fedilink
              English
              24 months ago

              Sure, if someone knows her physical address, knows how to disable the building alarm, knows what drawer she keeps the passwords locked in, and knows how to pick the lock, she could be in trouble. But that is a very targeted attack and if someone is that determined she’s screwed anyway.

              99.9% of attacks are the “low hanging fruit, protected from repercussions by not physically being there” kind.

              • JackbyDev
                link
                fedilink
                English
                14 months ago

                Someone like an employee, janitor, or maintenance worker who has physical access to the building already is what I’m talking about. That’s definitely a low hanging fruit type of attack. See your boss’s passwords while your pissed off, snap a picture with your phone, fuck with them later.