Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Even more so, I think writing down passwords on paper is actually pretty good security:

An attacker can only hack the paper with physical access to my office. But if they have that, they might as well install an physical keylogger.

You can also combine a written down fragment of the password with a remembered one.



> An attacker can only hack the paper with physical access to my office.

... and there are lots of unrelated people with physical access to your office. Cleaning staff, building maintenance, HVAC technicians, printer service staff... and all of these may not have the same level of background checks as your company has.

And even if you hire all of these yourself (which makes sense at a certain scale), that still doesn't protect you against marketing inviting a camera crew and walking around everywhere in one of these typical "life at the office" short films for Linkedin. IT staff offices seem to be very popular for such films since they're usually the most personalized rooms with lots of nerd stuff on the walls and desks.

Besides: swiping a photo of a post-it leaves no evidence, whereas installing a physical keylogger certainly does.


Nobody said the piece of paper has to be a post-it on your monitor. It could in a folder in a locked cabinet.


Just write it in your class syllabus; no one will ever find it there.


Yes. What I had in mind when I wrote my comment, was to stick the piece of paper in your wallet. But your suggestion also works.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: