Obviously better than any digital ones, but having them all in plaintext in a single book that could get stolen, destroyed by a coffee spill, eaten by a dog or whatever has its downsides
The risk of someone breaking in and stealing the book is extremely low for most users. If that analog book prevents her from using the same password over and over its a good security feature.
But couldn't you say that about non-digital password storage? Someone could be logging your keystrokes, your passwords could be part of a security breach dump, etc.
Just curious because I've always been told writing down passwords, esp. somewhere easily accessible is an extremely bad security practice and that encrypted password databases, along with complex passwords that are different for every account was the best option. Of course nothing is fool proof, just not sure if I'm missing some major security flaw with programs like Keepass.
Without going full paranoid mode, it's true that a password manager is an additional point of potential failure. I'm pretty sure websites can read your clipboard, for example.
Obviously better than any digital ones, but having them all in plaintext in a single book that could get stolen, destroyed by a coffee spill, eaten by a dog or whatever has its downsides
True but better than my mom's old system of writing them on a white board
The risk of someone breaking in and stealing the book is extremely low for most users. If that analog book prevents her from using the same password over and over its a good security feature.
Is there something wrong with password managers?
In theory the should be fine, but you can have things reading from the clipboard or other security breaches
But couldn't you say that about non-digital password storage? Someone could be logging your keystrokes, your passwords could be part of a security breach dump, etc.
Just curious because I've always been told writing down passwords, esp. somewhere easily accessible is an extremely bad security practice and that encrypted password databases, along with complex passwords that are different for every account was the best option. Of course nothing is fool proof, just not sure if I'm missing some major security flaw with programs like Keepass.
Without going full paranoid mode, it's true that a password manager is an additional point of potential failure. I'm pretty sure websites can read your clipboard, for example.
As far as I know you must manually enable that option in browser, though I suppose a malicious extension could do so without your knowledge.