[Cryptography] Of writing down passwords

Dave Howe davehowe.pentesting at gmail.com
Wed Sep 24 08:01:17 EDT 2014


On 22/09/2014 01:35, Harald Koch wrote:
> These days I teach this heresy - people should choose really strong,
> hard-to-remember passwords, write them down, and stick them in their
> wallets. (obviously this doesn't apply to credit card PINs.) This is
> especially useful for rarely used passwords (like the WiFi router
> password).
  I usually give similar advice.

  I suggest (and provide, on request) a cc-sized card with 20
pre-generated random passwords, and space beside each one to write on
what it is used for (initially blank).  When you need a password, use
the next one on the list. If you run out, ask and I will give you
another card.

  For most (infrequently visited) sites though - if it lets you reset
the password via email, then just generate a random one, and don't
bother to try and remember it. When you need to use that site next,
reset it via email. Odds are good it's easier to do that than to try and
keep track of the password, and that lets you save your "secure"
passwords for sites that need it (such as your email) rather than those
that don't.
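
One way to produce the kind of card described in the message above, as an added example that is not the poster's own tooling. The look-alike-free alphabet, the 80-bit strength target and all function names are assumptions made for illustration; only the count of 20 passwords and the blank "used for" space come from the post.

```python
import math
import secrets

# Assumption: drop look-alike characters (0/O, 1/l/I) so a printed card
# can be read back and typed without guessing.
ALPHABET = "abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789"
CARD_SLOTS = 20    # the post specifies 20 passwords per card
TARGET_BITS = 80   # assumed strength target, not taken from the post


def password_length(target_bits=TARGET_BITS, alphabet=ALPHABET):
    """Smallest length whose uniform-random entropy meets target_bits."""
    return math.ceil(target_bits / math.log2(len(alphabet)))


def generate_password(length, alphabet=ALPHABET):
    """Draw each character from the OS CSPRNG via the secrets module."""
    return "".join(secrets.choice(alphabet) for _ in range(length))


def generate_card(slots=CARD_SLOTS, target_bits=TARGET_BITS):
    """Return `slots` distinct passwords of the computed length."""
    length = password_length(target_bits)
    card = []
    while len(card) < slots:
        candidate = generate_password(length)
        if candidate not in card:  # duplicates are astronomically unlikely
            card.append(candidate)
    return card


def render_card(passwords, group=4):
    """Numbered lines with a blank 'used for' field beside each password.

    Characters are shown in groups for readability; the spaces are not
    part of the password.
    """
    lines = []
    for number, password in enumerate(passwords, start=1):
        chunks = [password[i:i + group] for i in range(0, len(password), group)]
        lines.append(f"{number:2d}  {' '.join(chunks)}  ____________")
    return "\n".join(lines)


if __name__ == "__main__":
    print(render_card(generate_card()))
```
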


