Bitwarden surveyed 2,400 individuals from the US, UK, Australia, France, Germany, and Japan to investigate current user password practices. The survey shows that 25% of respondents globally reuse passwords across 11-20+ accounts, and 36% admit to using personal information in their credentials publicly accessible on social media (60%) platforms and online forums (30%). These practices reveal a significant gap between recommended security practices and actual user behavior, highlighting how weak password habits and password reuse … More → The post Most people still rely on memory or pen and paper for password management appeared first on Help Net Security.
If you’re writing down your passwords for personal use, and you keep them collected in a notebook or something you’re fine. If a bad guy has broken in to your home where they would have physical access to your notebook, then you have much bigger security problems than having your passwords compromised. Keeping a physical notebook of passwords would be much safer than keeping them in a file on your computer.
Password reuse is a much bigger security problem than writing your passwords down.
Replying on pen and paper is a very secure method to handle your passwords.
Until they take a photo so they can have them on their phone
Not me, I’m dumb make up all my passwords.
Then I write them into a note file on my phone locked behind another password.
I’m sure it’s not safe
You are close though. Get a real password manager and you have them saved plus more security, and convenience on top when entering them in apps etc.
Yeah I just don’t trust a password manager entirely. They get hacked and it’s done.
Same as the service where they supposedly requeste all your private information be removed so you don’t get scam calls and emails etc anymore.
Probablem with that is its subscription and when you finish paying the subscription I’m sure they would sign you back up
Besides there being trustworthy ones, there is also the option to selfhost one and only expose the service to the WiFi. E. g. Bitwarden. Means you can only sync at home, but still better than a bloody text file.
Or use Keepass for a filebased vault and sync that with Syncthing. With browser addons and autotype it is still way better than copy and pasting passwords from a file, using the clipboard.
I second keepass. It’s running in at least half the secure environments we all rely on anyway.
Jokes on you I just punch in shit at random and reset them every time
Nothing wrong with this as long as you’re using a reasonably secure email service for the account recovery. All of those other accounts are only as secure as the recovery process anyway.
