When I worked at a small company, we kept passwords of not-often-used-accounts on post-its, but in a coconut cup on our desks. The coconut makes it more secure, obviously.
This isn't great, but post-its are more secure than other alternatives...like re-using the same password everywhere.
Your likely attackers are probably not hanging around the office. (Still not ideal, of course)
Password managers are a bit like post-it notes. Maybe you're sitting at a coffee shop, you run to the bathroom ("hey can you watch my stuff for a sec?")βit's very possible that someone could snoop onto your computer and expose all your passwords that way.
Again, the person who happens to be sitting next to you at Starbucks is probably not your biggest threat, but you never know.
This is a good point. An out of context password on a sticky note, in my notebook (or in a coconut) isn't a major risk. But, it's also not an ideal habit to have.
Hey! I'm Dan!
I have been coding professionally for over 10 years and have had an interest in cybersecurity for equally as long!
I love learning new stuff and helping others
Location
Brighton / London, UK
Education
Edinburgh Napier (Postgrad Cert Advanced Security & Digital Forensics)
Although a good password manager is encrypted, whereas a post-it note probably isn't!
And you can set an auto timeout on good password managers so that after 10s you have to type your password manager password for access.
I think the best way to store passwords is random strings generated by a password manager, imho. Manually copy to manager on mobile and vice-versa to avoid posting via a cloud service. I'm not paranoid, honest! ππ
Seeing a lot of post-it with passwords all over the offices.
Guilty.
When I worked at a small company, we kept passwords of not-often-used-accounts on post-its, but in a coconut cup on our desks. The coconut makes it more secure, obviously.
"What's the password for XYZ again?"
"It's in the coconut"
This isn't great, but post-its are more secure than other alternatives...like re-using the same password everywhere.
Your likely attackers are probably not hanging around the office. (Still not ideal, of course)
Password managers are a bit like post-it notes. Maybe you're sitting at a coffee shop, you run to the bathroom ("hey can you watch my stuff for a sec?")βit's very possible that someone could snoop onto your computer and expose all your passwords that way.
Again, the person who happens to be sitting next to you at Starbucks is probably not your biggest threat, but you never know.
This is a good point. An out of context password on a sticky note, in my notebook (or in a coconut) isn't a major risk. But, it's also not an ideal habit to have.
Although a good password manager is encrypted, whereas a post-it note probably isn't!
And you can set an auto timeout on good password managers so that after 10s you have to type your password manager password for access.
I think the best way to store passwords is random strings generated by a password manager, imho. Manually copy to manager on mobile and vice-versa to avoid posting via a cloud service. I'm not paranoid, honest! ππ
[at] Ben Halpern - You would be surprised to see how many attackers are actually in the offices.
I walk around the office somewhat regularly and destroy any password post-its I find.
At least leave a donut behind.
Thats awesome!