[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Writing passwords down

On 17 Dec 2024 20:44 +0000, from debian-user@howorth.org.uk:
>> https://www.ncsc.gov.uk/blog-post/what-does-ncsc-think-password-managers
> 
> I tend to agree but I'll play Devil's Advocate here.
> 
> If I was NCSC would I prefer to break a few password managers or
> millions of individual passwords?

Counterpoint: Absent a password manager, people in general are
_terrible_ at coming up with and remembering _good_ passwords.
Especially the hundreds (or more) of passwords you can easily get to
after being on the Internet for a while.

And yes, a little black book can definitely be a password manager
(assuming that you have some other way of generating good random
passwords). In fact, for some people that might even be better than a
digital solution, because a lot of people who have a poor grasp of
digital information security _do_ still have a decent grasp of
security surrounding physical possessions. They might not readily
grasp the implications of handing their unlocked phone over to a
stranger, but they probably do grasp the implications of handing their
home keys over to the same stranger.

-- 
Michael Kjörling
🔗 https://michael.kjorling.se
Reply to: