Passwords on Paper

Passwords can be a tricky thing. They need to be random, long, and unique but we also need to remember them. In most cases, this problem is solved by using a password manager . And you definitely should opt for a password manager!

For those that either can't use a password manager or just haven't reached that step in their security journey, I recommend using good ol' pen and paper.

It's far from perfect! But I believe that it does provide better theoretical security than other commonly used methods of storing passwords. This is especially true is only used temporarily, or while memorizing a new password.

Example of an index card for temporary passwords

Some commonly used password storage methods that I believe you shouldn't use:

• Spreadsheets, documents, or text files
• on your laptop or desktop
• in Google Drive
• in Microsoft 365
• Built-in password managers
• Apple's built-in Passwords app (available since iOS 18) is now a solid option, especially when paired with Advanced Data Protection for end-to-end encryption. However, most other browser-based password storage (Chrome, Firefox) still doesn't meet the same standards as a dedicated password manager.
• Mobile device note apps

Take care when using passwords on paper:

• Don't let others see them
• Don't leave them on your desk
• Don't stick them your monitor or anything else
• Don't put them under your keyboard
• Do store them somewhere very safe when you don't need to see them
• Do change them right way if your paper is exposed

If I had to choose between unique passwords for all accounts written on paper or a single password reused everywhere, I would choose the unique passwords on paper. But I strongly encourage using a proper password manager over either practice.

At the very least, paper isn't connected to the internet.