Experts

Reviews. Security & Technology Experts comments on the preferred use of “offline” solutions such as password organizers or writing passwords down in a book.

 

Bruce Schneier Internationally renowned security technologist and author of 12 books on encryption, including “Cryptography Engineering”.

In his “Crypto-Gram” newsletter, Mr. Schneier proclaims:

“Simply, people can no longer remember passwords good enough to reliably defend against dictionary attacks, and are much more secure if they choose a password too complicated to remember and then write it down. We’re all good at securing small pieces of paper. I recommend that people write their passwords down on a small piece of paper, and keep it with their other valuable small pieces of paper: in their wallet.” (Source)

Jesper Johansson Senior Security Strategist in the Security Technology Unit at Microsoft and author of “Protect Your Windows Network“.

Speaking at a conference hosted by Australia’s National Computer Emergency Response Team, Johansson stated that the security industry has been giving people the wrong advice by telling them not to write down their passwords.

“I claim that password policy should say you should write down your password. I have 68 different passwords. If I am not allowed to write any of them down, guess what I am going to do? I am going to use the same password on every one of them.”

He went on to say,

“Since not all systems allow good passwords, I am going to pick a really crappy one, use it everywhere and never change it. If I write them down and then protect the piece of paper–or whatever it is I wrote them down on–there is nothing wrong with that. That allows us to remember more passwords and better passwords.” (Source)

Dr. Whitfield Diffie Chief Security Officer, Sun Microsystems

During the annual RSA Conference, Dr. Diffie delivered a one line statement from the Cryptographers Panel.

“Write down your passwords; your wallet is a lot more secure than your computer.” (Source)

Microsoft Safety & Security Centre – Recommendations for Strong Passwords.

“Whenever possible, use eight characters or more. Don’t use the same password for everything. The greater the variety of characters in your password, the better. The easiest way to ‘remember’ passwords is to write them down. It is okay to write passwords down, but keep the written passwords in a secure place.” (Source)

So, our question is … if writing them down is good, how much better is it to have them written down AND encrypted?

Sorry, you can not to browse this website.

Because you are using an outdated version of MS Internet Explorer. For a better experience using websites, please upgrade to a modern web browser.

Mozilla Firefox Microsoft Internet Explorer Apple Safari Google Chrome