this post was submitted on 19 Jul 2025
448 points (92.1% liked)

Technology

73008 readers
2901 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots


founded 2 years ago
MODERATORS
 
top 50 comments
sorted by: hot top controversial new old
[–] vk6flab@lemmy.radio 187 points 2 days ago (9 children)

Here's the thing .. as crazy as a notebook with passwords sounds, it's not accessible to someone across the internet.

[–] 6nk06@sh.itjust.works 70 points 2 days ago (1 children)

Password managers check the URL before giving its data. A human being can be fooled into giving it to a fake web site.

[–] MentalEdge@sopuli.xyz 38 points 2 days ago* (last edited 2 days ago) (9 children)

TBF, they can be fooled too.

Bitwarden warns against using autofill on load for that very reason, as then simply loading a malicious page might cause it to provide passwords to such a site.

And then, a human when a site doesn't autofill, is more likely to just go "huh, weird" and do it manually.

[–] Darkassassin07@lemmy.ca 18 points 2 days ago* (last edited 2 days ago)

You've always got the human element, bypassing security features; but extra little hurdles like a password manager refusing to autofill an unknown url is at least one more opportunity for the user to recognize that something's wrong and back away.

If you're already used to manually typing in the auth details, you may not even notice you're not on the site you were expecting.

load more comments (8 replies)
[–] vext01@lemmy.sdf.org 14 points 2 days ago* (last edited 2 days ago) (1 children)

Yeah, It's actually quite a secure way to store passwords, since it requires physical access.

I knew a guy who had a drawer full of slips of paper with passwords written on. He called it the "security drawer". Made me smile, but probably shouldn't have been advertising it.

load more comments (1 replies)
load more comments (7 replies)
[–] _stranger_@lemmy.world 72 points 1 day ago (4 children)

Self hosted and air gapped.

[–] Newsteinleo@midwest.social 18 points 1 day ago (1 children)

As long as the notebook is in a locked draw I would pass this on an IT Audit.

[–] Patch@feddit.uk 11 points 1 day ago (3 children)

Unfortunately it's a combination lock, and the code is written on a post-it stuck on the front of the drawer.

load more comments (3 replies)
[–] dangercake@feddit.uk 15 points 1 day ago (1 children)
load more comments (1 replies)
[–] paraphrand@lemmy.world 10 points 1 day ago

Quantum proof

load more comments (1 replies)
[–] TheGrandNagus@lemmy.world 61 points 2 days ago (17 children)

Honestly, a physical password book isn't a bad idea.

Not accessible via the internet, and in most cases if someone has physical access to your system you're done for anyway.

The main weakness it has is from a nosey flatmate, spouse, or child in the house.

[–] tiramichu@sh.itjust.works 35 points 2 days ago

Yep. My Dad in his late 70s uses this system and it works great for him.

People make fun of it, but for people with low tech literacy this is actually far better than having a mish-mash of solutions where some their logins end up automatically saved in iOS on their phone, some are saved in Chrome on the desktop, some are just in their head, they don't know where anything is, and are constantly losing access and resetting credentials all the time.

And it definitely reduces the burden on me of parental tech support, when its all in the book.

[–] DJDarren@sopuli.xyz 11 points 2 days ago

My Mum died recently and my step dad is shit with tech, so their password book was invaluable in helping us gain access to her Apple account and her phone. It meant we were able to get to her iCloud passwords, so now we have access to everything.

So yeah, password books are actually pretty handy.

load more comments (15 replies)

So... It's a password book? Like, pen and paper?Not the best choice for storing passwords, but I'd be more willing to do that than trusting Amazon not to hold my passwords hostage with a digital service by them.

[–] angelmountain@feddit.nl 44 points 1 day ago (2 children)

Still better than using the same password everywhere and/or saving passwords in an unencrypted text file on your computer somewhere.

Just not very user friendly.

[–] kadup@lemmy.world 15 points 1 day ago (8 children)

I'm going back to paper for most things and I don't know man, I think it's more user friendly given the current tech landscape. My paper notebook never changed the interface to add a huge Copilot button.

load more comments (8 replies)
load more comments (1 replies)
[–] 01189998819991197253@infosec.pub 43 points 1 day ago (5 children)

I see no issue with this, especially for an elderly person, for example, to keep at home. The only way this will get "breached", is if someone breaks into her home. At that point, the password book is the least of her concerns anyway. In fact, from a cyber security point of view, this is brilliant if kept in a safe place, such as a locked safety box. You can't really remotely hack a physical book.

load more comments (5 replies)
[–] cupcakezealot@piefed.blahaj.zone 36 points 1 day ago (3 children)
[–] DeceasedPassenger@lemmy.world 11 points 1 day ago (3 children)

That is tight as hell and I love it

load more comments (3 replies)
load more comments (2 replies)
[–] skisnow@lemmy.ca 35 points 1 day ago (2 children)

So far the combined might of the Russian, Chinese, American and North Korean hacking teams have been unable to crack the post-it note on my desk.

[–] Litebit@lemmy.world 11 points 1 day ago* (last edited 1 day ago) (1 children)

now they know where to look.

[–] skisnow@lemmy.ca 12 points 1 day ago (1 children)

If they're in my apartment I've already got bigger problems.

[–] ChaoticEntropy@feddit.uk 12 points 1 day ago

You didn't know they were coming, didn't tidy up, and now you feel awkward. The struggle is real.

load more comments (1 replies)
[–] dejected_warp_core@lemmy.world 29 points 1 day ago (2 children)

PSA: Home use? That's probably okay. Work use? If you're in-office, this is a ticking time-bomb that can get you fired, one way or another. Use the company 1password or whatever you have access to, please. Thank you.

load more comments (2 replies)
[–] bigbabybilly@lemmy.world 26 points 2 days ago (3 children)

Oh yeah, this is for my in-laws. This is peak boomer tech right here.

load more comments (3 replies)
[–] CallMeAnAI@lemmy.world 23 points 2 days ago (8 children)

Best option for non techies at home.

load more comments (8 replies)
[–] roserose56@lemmy.ca 20 points 1 day ago (3 children)
[–] Romkslrqusz@lemmy.zip 13 points 1 day ago* (last edited 1 day ago) (1 children)

* for the tech inclined

Managing sync between mobile and desktop is a bit more complicated than average consumers have the patience for (it’s really not very complicated, average consumers are just impatient)

load more comments (1 replies)
load more comments (2 replies)
[–] ansiz@lemmy.world 20 points 1 day ago (2 children)

Sure, it's a horrible idea in an open office environment but if someone wants to use this at home for all their passwords it really won't hurt anything.

load more comments (2 replies)
[–] oppy1984@lemdro.id 20 points 1 day ago (2 children)

I should get this for my dad, he recently got a new computer at best buy and the geek squad told him his files were all in the cloud and sent him home. Guess who got a call the next day because "all my passwords are in a word document in some fucking cloud". Yeah that was a fun day spent setting up his computer while listening to his rant about the geek squad and "the fucking cloud".... thanks geek squad....

load more comments (2 replies)
[–] logicbomb@lemmy.world 18 points 2 days ago (6 children)

This isn't even weird.

I think most security experts would recommend that you have your most important passwords written down somewhere, and then hopefully locked up in some safe or deposit box somewhere. You don't need to buy an entire book for it, but some people like to spend money.

If this is for your less important passwords, then for the most part, writing them down is actually better. You won't be as tempted to reuse your banking password for your social media. And some people like writing things down. A password manager is a better solution, but lots of people aren't as good with technology and if they even let the browser remember it, they won't know how to retrieve it later if they want to use a different computer, for example.

load more comments (6 replies)
[–] ZoteTheMighty@lemmy.zip 18 points 1 day ago* (last edited 1 day ago)
[–] BlackPenguins@lemmy.world 17 points 1 day ago (2 children)

That Web Addresses placement is killing me.

load more comments (2 replies)
[–] tym@lemmy.world 16 points 1 day ago (4 children)

This isn't the flex you think it is, OP. 99% of cybercriminals are also cowards. Physical security of ANY kind beats even the best password managers.

If you don't know what lattice-based encryption is and how to purchase it through NordVPN, start reading up because encryption as we know it isn't long for this world. Pretty sure they already dragged their feet too long on Bitcoin's algorithm but the day cracking common ciphers is within the grasp of quantum clusters is the day we all become Amish. Plan accordingly!

[–] Cocodapuf@lemmy.world 11 points 1 day ago* (last edited 7 hours ago) (2 children)

My understanding is that quantum computing has been taken into account for some modern cryptography. And that memory-hard cryptography basically defeats quantum computing solutions. There are a few methods, but one of them is just very long keys, it's trivial to make a cryptographic key longer.

So sure, you could defeat some of that with a machine operating with 1024 entangled qbits, (which is... oh man... not an easy task), in which case, wow, congratulations. But what if I increase my key length to 100k? It might take an extra 3 seconds to check the key and log in, but it'll take an extra 25 years for quantum computing to catch up.

load more comments (2 replies)
load more comments (3 replies)
[–] lemmyng@lemmy.ca 16 points 2 days ago

I'd rather people use this than reuse the same password everywhere.

[–] flop_leash_973@lemmy.world 15 points 1 day ago* (last edited 1 day ago)

My mother uses something similar to keep track of her passwords for everything. While I prefer a password manager like Bitwarden or Keepass. I would rather her use a note book like this over something like Google or Apples password managers.

Or even worse, the same password for everything.

[–] ZILtoid1991@lemmy.world 15 points 21 hours ago (2 children)

It's actually super useful for old people, who sometimes like to "accidentally log off" and stuff.

load more comments (2 replies)
[–] ksh@aussie.zone 14 points 22 hours ago (1 children)

I save all my passwords in a README.txt file

[–] Nasan@sopuli.xyz 15 points 21 hours ago

That's how they get you, i put mine in a DONTREADME.txt file.

[–] undefined@lemmy.hogru.ch 13 points 2 days ago

I would trust it more than the biometric payment method they’re pushing in Whole Foods

[–] JigglySackles@lemmy.world 11 points 18 hours ago

Honestly, for at home personal use, it's better than any on device password manager. It's not hackable. Someone has to break into your home and steal it. For an office environment though....worst way to handle it after sticky notes.

[–] DeathByBigSad@sh.itjust.works 10 points 1 day ago (2 children)

I dropped my book and now debt collectors are after me. 0/5 would not recommend.

load more comments (2 replies)
[–] Jankatarch@lemmy.world 9 points 1 day ago

Is it AI powered tho?

[–] eluvatar@programming.dev 8 points 1 day ago

Still waiting for passkey support

load more comments
view more: next ›