Passwords on Paper
Why are we bringing ink and paper into this?
Passwords can be a tricky thing. They need to be random, long, and unique but we also need to remember them. In most cases, this problem is solved by using a password manager. And you definitely should opt for a password manager!
For those that either can't use a password manager or just haven't reached that step in their security journey, I recommend using good ol' pen and paper.
It's far from perfect! But I believe that it does provide better theoretical security than other commonly used methods of storing passwords. This is especially true is only used temporarily, or while memorizing a new password.
Example of an index card for temporary passwords
Some commonly used password storage methods that I believe you shouldn't use:
- Spreadsheets, documents, or text files
- on your laptop or desktop
- in Google Drive
- in Office 365
- Built-in password managers
- in your web browser (Chrome, Firefox, Safari)
- on your mobile device
- Mobile device note apps
Take care when using passwords on paper:
- Don't let others see them
- Don't leave them on your desk
- Don't stick them your monitor or anything else
- Don't put them under your keyboard
- Do store them somewhere very safe when you don't need to see them
- Do change them right way if your paper is exposed
If I had to choose between unique passwords for all accounts written on paper or a single password reused everywhere, I would choose the unique passwords on paper. But I strongly encourage using a proper password manager over either practice.
At the very least, paper isn't connected to the internet.