My mom told me that she was made fun of for having a book of hand written account credentials related to running her business (6 people total). I told her it was the best way to do it that wasn’t massively overcomplicated for her situation and to keep it up. The only recommendation I made is that she use different long passwords for every site since she’s already not memorizing them.
Personally I’m not convinced this isn’t the best way unless you’re being targeted by physical bad actors
Sure, if someone knows her physical address, knows how to disable the building alarm, knows what drawer she keeps the passwords locked in, and knows how to pick the lock, she could be in trouble. But that is a very targeted attack and if someone is that determined she’s screwed anyway.
99.9% of attacks are the “low hanging fruit, protected from repercussions by not physically being there” kind.
Someone like an employee, janitor, or maintenance worker who has physical access to the building already is what I’m talking about. That’s definitely a low hanging fruit type of attack. See your boss’s passwords while your pissed off, snap a picture with your phone, fuck with them later.
My mom told me that she was made fun of for having a book of hand written account credentials related to running her business (6 people total). I told her it was the best way to do it that wasn’t massively overcomplicated for her situation and to keep it up. The only recommendation I made is that she use different long passwords for every site since she’s already not memorizing them.
Personally I’m not convinced this isn’t the best way unless you’re being targeted by physical bad actors
Where is this book? In the office? I’d say that’s absolutely horrible. If it’s at home I think that’s more okay.
Or maybe behind a keyed lock in the office? Not a keypad, a physical key.
Nah, most locks are really crappy.
Sure, if someone knows her physical address, knows how to disable the building alarm, knows what drawer she keeps the passwords locked in, and knows how to pick the lock, she could be in trouble. But that is a very targeted attack and if someone is that determined she’s screwed anyway.
99.9% of attacks are the “low hanging fruit, protected from repercussions by not physically being there” kind.
Someone like an employee, janitor, or maintenance worker who has physical access to the building already is what I’m talking about. That’s definitely a low hanging fruit type of attack. See your boss’s passwords while your pissed off, snap a picture with your phone, fuck with them later.