[Cryptography] Of writing down passwords
Bill Stewart
billstewart at pobox.com
Wed Sep 24 14:15:51 EDT 2014
At 11:45 AM 9/23/2014, Maarten Billemont wrote:
>And yet, as you point out, there is a real risk involved with
>writing passwords down, especially when you do so in a non-physical
>location (eg. iCloud notes, password manager).
The security you get with writing passwords down is inherently
because it's physically written and kept in a physical location,
not on some electronic medium that could be cracked.
iCloud notes doesn't do that, password managers don't do
that. (Well, maybe a password manager running on a device that's not
used for anything else could be similar, like that old Palm Pilot
that's really going to stay air-gapped.)
>[password manager ...]
>The downsides are obvious: don't lose your single password and
>computers can be monitored.
Keyboards can be snooped, and you have to assume any keyboard that
you don't carry in your pocket is part of the threat model, and any
device that connects to the internet is part of the threat model.
More information about the cryptography
mailing list