Here's the thing .. as crazy as a notebook with passwords sounds, it's not accessible to someone across the internet.
Password managers check the URL before giving its data. A human being can be fooled into giving it to a fake web site.
TBF, they can be fooled too.
Bitwarden warns against using autofill on load for that very reason, as then simply loading a malicious page might cause it to provide passwords to such a site.
And then, a human when a site doesn't autofill, is more likely to just go "huh, weird" and do it manually.
So far the combined might of the Russian, Chinese, American and North Korean hacking teams have been unable to crack the post-it note on my desk.
now they know where to look.
If they're in my apartment I've already got bigger problems.
You didn't know they were coming, didn't tidy up, and now you feel awkward. The struggle is real.
Self hosted and air gapped.
As long as the notebook is in a locked draw I would pass this on an IT Audit.
Unfortunately it's a combination lock, and the code is written on a post-it stuck on the front of the drawer.
The combination is 1-2-3-4-5!
How the fuck do you know my PIN number?!
PSA: Home use? That's probably okay. Work use? If you're in-office, this is a ticking time-bomb that can get you fired, one way or another. Use the company 1password or whatever you have access to, please. Thank you.
InfoSec likes nothing more than for you to tell them not to worry because you write all your passwords down and only read emails after you've printed them. 100% secure.
This isn't the flex you think it is, OP. 99% of cybercriminals are also cowards. Physical security of ANY kind beats even the best password managers.
If you don't know what lattice-based encryption is and how to purchase it through NordVPN, start reading up because encryption as we know it isn't long for this world. Pretty sure they already dragged their feet too long on Bitcoin's algorithm but the day cracking common ciphers is within the grasp of quantum clusters is the day we all become Amish. Plan accordingly!
My understanding is that quantum computing has been taken into account for some modern cryptography. And that memory-hard cryptography basically defeats quantum computing solutions. There are a few methods, but one of them is just very long keys, it's trivial to make a cryptographic key longer.
So sure, you could defeat some of that with a machine operating with 1024k entangled qbits, (which is... oh man... not an easy task), in which case, wow, congratulations. But what if I increase my key length to 100k? It might take an extra 3 seconds to check the key and log in, but it'll take an extra 25 years for quantum computing to catch up.
I save all my passwords in a README.txt file
That's how they get you, i put mine in a DONTREADME.txt file.
So... It's a password book? Like, pen and paper?Not the best choice for storing passwords, but I'd be more willing to do that than trusting Amazon not to hold my passwords hostage with a digital service by them.
It's actually super useful for old people, who sometimes like to "accidentally log off" and stuff.
we might laugh at this but I think this is useful. Even though I wouldn't use something like this and I'd just use a regular dedicated blank notebook and my password manager, it can be useful to people who have problems with computers and can't handle a password manager, yet may give pages with good templates to show how to record sensitive information.
I have hundreds of logins, the convenience of a password manager is just too nice.
Exactly this is the reason why I gifted it to someone. I'm already glad they don't use 1 password for every website.
Still waiting for passkey support
Honestly, for at home personal use, it's better than any on device password manager. It's not hackable. Someone has to break into your home and steal it. For an office environment though....worst way to handle it after sticky notes.
Honestly, a physical password book isn't a bad idea.
Not accessible via the internet, and in most cases if someone has physical access to your system you're done for anyway.
The main weakness it has is from a nosey flatmate, spouse, or child in the house.
Still better than using the same password everywhere and/or saving passwords in an unencrypted text file on your computer somewhere.
Just not very user friendly.
Would you trust Amazon or any huge corporation with all your login and passwords ?
Valid question. But this article is a physical book in your own hands. I am not saying this is safe or anything but has nothing to do with Amazon besides that they sell it.
No
Is it AI powered tho?
I dropped my book and now debt collectors are after me. 0/5 would not recommend.
I see no issue with this, especially for an elderly person, for example, to keep at home. The only way this will get "breached", is if someone breaks into her home. At that point, the password book is the least of her concerns anyway. In fact, from a cyber security point of view, this is brilliant if kept in a safe place, such as a locked safety box. You can't really remotely hack a physical book.
Keeepass, simple and easy to use! https://keepassxc.org/
For a lot of people at 60+, writing things down is easier and safer. It will also help anyone that would need to troubleshoot or in the event of death in a very simple way.
* for the tech inclined
Managing sync between mobile and desktop is a bit more complicated than average consumers have the patience for (it’s really not very complicated, average consumers are just impatient)
I should get this for my dad, he recently got a new computer at best buy and the geek squad told him his files were all in the cloud and sent him home. Guess who got a call the next day because "all my passwords are in a word document in some fucking cloud". Yeah that was a fun day spent setting up his computer while listening to his rant about the geek squad and "the fucking cloud".... thanks geek squad....
As a software engineer who values humanity has done a good bit of work with "the cloud", i think your dad has the right set of feelings towards the cloud. That fucking cloud can go get bent
I had one of these I got it around 15ya but I never used it. I remember liking a particular aspect of it as if I had a specific use-case in which it would be handy but I can't remember what that was.
Anyways, I've been on the keepass bandwagon through multiple reboots of it's software lineage along with Keepass2Android and I am satisfied.
This is a most excellent place for technology news and articles.
