Previous entries
Next entries

March 4th, 2007

Write Your Passwords on Paper?????

By Michael Santo
Executive Editor, RealTechNews

What’s better: a strong password you might forget or a weak one that you won’t forget but that may be easily hacked. Well, to me, obviously, the strong one. To many, including my mother-in-law, who is definitely less tech-savvy and thus less cautious than I, a weak one.

Lest people think I’m picking on Apple again (ahem), let me say that others have made the suggestion that Apple has in their Mac Cheat Sheet It’s just that now is the time I’m writing about this, not before, OK (here’s someone from Microsoft about the same subject, to distribute this evenly)? Apple suggests in their cheat sheet that you write down your passwords, just in case you forget them.

Personally that’s not so bad. What I find worse is that News.com’s Security Blog, while writing about it, didn’t suggest any alternatives.

We Say: So, if anyone wants to say I’m picking on someone, let it be News.com’s Security Blog, OK? Here are A FEW suggestions of my own.

a) Use a program like Roboform. It has a toolbar that works with many (but not all) browsers, like Firefox and IE, which means you can have it navigate AND login automatically to sites … I rarely use bookmarks any longer because of this. (This will not work with the new stronger login procedures that financial institutions are using, requiring you to use a mouse to enter passwords). Of course, you still need a master password (you don’t really, but you should). It also has U3- and non-U3 flash drive versions, as well as one for PDAs. The database of passwords is encrypted. This means you use these if you go to say, an Internet cafe. (There are plenty of other password storage programs as well, but none that integrate so nicely with a browser, at least that I have found).

b) Store the passwords in a file that you encrypt. Even Word has a way of encrypting .doc files with a password. You can even upload them to a website (once again, you have to remember at least ONE password) so you can use them at that aforementioned Internet cafe.

c) As a last resort, write them down. But at least don’t be so silly as to tack them to your monitor with a Post-it. :-)

Share and Enjoy:These icons link to social bookmarking sites where readers can share and discover new web pages.
  • del.icio.us
  • digg
  • Fark
  • NewsVine
  • Reddit
  • YahooMyWeb
You can leave a comment, or trackback from your own site. RSS 2.0

8 comments to "Write Your Passwords on Paper?????"

  1. Abe says:

    SignupShield Passwords, now bundled with every U3 drive you buy from SanDisk, is a better product, also available as a desktop version.

    March 4th, 2007 at 7:42 am

  2. Michael Santo says:

    I’m not sure how that’s any better. It pretty much looks identical to Roboform — and there’s no PDA version (I store to my smartphone). One thing is … with all the PWs I’ve already stored, it’s pretty hard for me to consider moving to a different product.

    March 4th, 2007 at 8:00 am

  3. Andrew says:

    Writing down your passwords on a piece of paper that you keep in a secure location (a wallet, locked filing cabinet, safe) is actually a good security measure. Bruce Schneier agrees with the suggestion:

    “We’re all good at securing small pieces of paper. I recommend that people write their passwords down on a small piece of paper, and keep it with their other valuable small pieces of paper: in their wallet.”

    http://www.schneier.com/blog/archives/2005/06/write_down_your.html

    March 4th, 2007 at 8:59 am

  4. Charles says:

    Something I’m trying is entering the passwords into a spreadsheet and then taking a screenshot (.gif) of it.

    Then it’s saved in some out of the way directory, or on your desktop, with a filename that does NOT say ‘passwords’. :-)

    The spreadsheet can be saved off the computer on a disk or flash drive.

    March 4th, 2007 at 10:37 am

  5. P. Louys says:

    Open a graphics editor (even MS Paint would do), create and save your passwords as a b&w image (preferably a gif). Convert the gif to base64 and write a simple Firefox bookmarklet (FF can handle bookmarklets over 1000,000 characters, btw). Here’s a small example, which took less than 5 minutes to draw/convert/write:

    ‘);aa.document.close();void 1″>Demo

    March 4th, 2007 at 8:23 pm

  6. P. Louys says:

    Sorry. Your security chopped it (which is good). Try again:

    <a href=”javascript:/*PWPic;Coded2007byP.Louys*/aa=window.open('’,'’,'dependent=yes’);aa.document.write(’<html><body><img src=%22data:text/HTML;base64,R0lGODdhXwAjAIgAAP///wAAACwAAAAAXwAjAAAC/4SPqcvtD6OctNqLs968+w+G4ggEjpmg6aQuLUm9pevJcCTb9rVbwd8CqlAm4GFoKP6OpeXRmIxCZ9Hk9BGsVolI6rDr9CKIVqZYyxqjydRt+812m+PibMWOX5fVc34evjcWBvEnl2cnl3h2yNCz0gf516VIxyZJIyEkGFapxTUlFASq1/bpeIOaqrrK2ur6Chty+jELu3PVVBvrg/m4K8WZu4m0BNarNjpqhYsDZjz3nMupGcgVyRfjpw0phX1GSdp5tw0O91L4nW7pnUmurof4Djgvns0tX4gufhnIQi0tKpiZUlf+hXqiTJgudmhY6UgzTsFCEA9PMPuFMaPGjQUcO8YqAAA7%22 border=%220%22></a></body></html>’);aa.document.close();void 1″>Demo</a>

    March 4th, 2007 at 8:26 pm

  7. big brotha says:

    I say choose a blank password

    Those BSD guys had it right in the first place!

    March 5th, 2007 at 11:40 am

  8. Tara says:

    There are plenty of tools that can crack a Word password (just run a search on google to see what I mean), and the image solutions, while clever, aren’t very useful when you have to copy and paste, or even update soemthing in the list.

    Why not just use a Password Manager? It’s just easier. Safer too.

    Mine: https://www.passpack.com

    It’s a free online service.

    March 29th, 2007 at 2:06 pm

Leave a comment