this post was submitted on 19 Jul 2025
479 points (92.4% liked)

Technology

73240 readers
5024 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots


founded 2 years ago
MODERATORS
 
top 50 comments
sorted by: hot top controversial new old
[–] ZILtoid1991@lemmy.world 16 points 6 days ago (1 children)

It's actually super useful for old people, who sometimes like to "accidentally log off" and stuff.

[–] FoD@startrek.website 3 points 6 days ago (1 children)

Or Microsoft who randomly needs to verify someone's identity before they can log into.tgeir computer but the user doesn't have a smart phone. So they need to call someone trusted to have them log into their email from a different computer just to get the code so the user can log into their computer.

But that also means they didn't have access to any saved passwords so a notebook helps.

I really should put Linux on her machine but then I have to show her how to do that too. It's a lose-lose so I keep it the same.

I miss local accounts.

[–] NikkiDimes@lemmy.world 2 points 6 days ago

You can still use local accounts with Windows 11. It's just a bit fiddley. If you use Rufus to make your boot usb, there's a bunch of deshitification options you can do.

[–] ksh@aussie.zone 15 points 6 days ago (1 children)

I save all my passwords in a README.txt file

[–] Nasan@sopuli.xyz 16 points 6 days ago

That's how they get you, i put mine in a DONTREADME.txt file.

[–] JigglySackles@lemmy.world 11 points 6 days ago

Honestly, for at home personal use, it's better than any on device password manager. It's not hackable. Someone has to break into your home and steal it. For an office environment though....worst way to handle it after sticky notes.

[–] tym@lemmy.world 15 points 6 days ago (2 children)

This isn't the flex you think it is, OP. 99% of cybercriminals are also cowards. Physical security of ANY kind beats even the best password managers.

If you don't know what lattice-based encryption is and how to purchase it through NordVPN, start reading up because encryption as we know it isn't long for this world. Pretty sure they already dragged their feet too long on Bitcoin's algorithm but the day cracking common ciphers is within the grasp of quantum clusters is the day we all become Amish. Plan accordingly!

[–] Cocodapuf@lemmy.world 11 points 6 days ago* (last edited 5 days ago) (1 children)

My understanding is that quantum computing has been taken into account for some modern cryptography. And that memory-hard cryptography basically defeats quantum computing solutions. There are a few methods, but one of them is just very long keys, it's trivial to make a cryptographic key longer.

So sure, you could defeat some of that with a machine operating with 1024 entangled qbits, (which is... oh man... not an easy task), in which case, wow, congratulations. But what if I increase my key length to 100k? It might take an extra 3 seconds to check the key and log in, but it'll take an extra 25 years for quantum computing to catch up.

[–] Toribor@corndog.social 1 points 6 days ago (1 children)

Won't longer key lengths increase the overhead for everything?

[–] procrastitron@lemmy.world 7 points 6 days ago

Yes and No.

Yes, everything increases in difficulty but the increases in difficulty are asymmetrical.

The difficulty of reversing a computation (e.g. reversing a hash or decrypting an encrypted message) grows much faster than just performing the computation (e.g. hashing a message or encrypting one).

That’s the basis for encryption to begin with.

It’s also why increasing the size of the problem (e.g. the size of the hash or the size of a private key) makes it harder to crack.

The threat posed by quantum computing is that it might be feasible to reverse much larger computations than it previously was. The caveat on that, however is that they have a hard limit of what problems they can solve based on the number of qbits they have.

So for example, let’s say you use RSA for encryption and someone builds a 1024 qbit quantum computer. All you have to do is increase your key size so that it would require 1025 qbits to crack, and then that quantum computer wouldn’t provide an attacker any benefit at all.

(Of course, they’d still be able to read your old messages, but that’s also a fundamental principle of cryptography; it only protects you for a period of time)

[–] JigglySackles@lemmy.world 1 points 6 days ago (2 children)

Can't wait to hand write my 32-bit passwords.

[–] cralex@lemmy.zip 4 points 6 days ago

My handwriting comes with free encryption at rest. Even I might not be able to read it.

[–] ramjambamalam@lemmy.ca 2 points 6 days ago

You haven't changed your password for 30 days. Reset it now.

[–] eluvatar@programming.dev 8 points 6 days ago

Still waiting for passkey support

[–] vk6flab@lemmy.radio 195 points 1 week ago (10 children)

Here's the thing .. as crazy as a notebook with passwords sounds, it's not accessible to someone across the internet.

[–] 6nk06@sh.itjust.works 73 points 1 week ago (1 children)

Password managers check the URL before giving its data. A human being can be fooled into giving it to a fake web site.

[–] MentalEdge@sopuli.xyz 43 points 1 week ago* (last edited 1 week ago) (9 children)

TBF, they can be fooled too.

Bitwarden warns against using autofill on load for that very reason, as then simply loading a malicious page might cause it to provide passwords to such a site.

And then, a human when a site doesn't autofill, is more likely to just go "huh, weird" and do it manually.

load more comments (9 replies)
load more comments (9 replies)
[–] _stranger_@lemmy.world 75 points 1 week ago (9 children)

Self hosted and air gapped.

load more comments (9 replies)
[–] TheGrandNagus@lemmy.world 64 points 1 week ago (17 children)

Honestly, a physical password book isn't a bad idea.

Not accessible via the internet, and in most cases if someone has physical access to your system you're done for anyway.

The main weakness it has is from a nosey flatmate, spouse, or child in the house.

[–] tiramichu@sh.itjust.works 36 points 1 week ago

Yep. My Dad in his late 70s uses this system and it works great for him.

People make fun of it, but for people with low tech literacy this is actually far better than having a mish-mash of solutions where some their logins end up automatically saved in iOS on their phone, some are saved in Chrome on the desktop, some are just in their head, they don't know where anything is, and are constantly losing access and resetting credentials all the time.

And it definitely reduces the burden on me of parental tech support, when its all in the book.

load more comments (16 replies)

So... It's a password book? Like, pen and paper?Not the best choice for storing passwords, but I'd be more willing to do that than trusting Amazon not to hold my passwords hostage with a digital service by them.

[–] angelmountain@feddit.nl 48 points 1 week ago (11 children)

Still better than using the same password everywhere and/or saving passwords in an unencrypted text file on your computer somewhere.

Just not very user friendly.

load more comments (11 replies)
[–] 01189998819991197253@infosec.pub 43 points 1 week ago (5 children)

I see no issue with this, especially for an elderly person, for example, to keep at home. The only way this will get "breached", is if someone breaks into her home. At that point, the password book is the least of her concerns anyway. In fact, from a cyber security point of view, this is brilliant if kept in a safe place, such as a locked safety box. You can't really remotely hack a physical book.

load more comments (5 replies)
[–] cupcakezealot@piefed.blahaj.zone 37 points 1 week ago (6 children)

this is my internet password logbook

"sanrio spotty dotty diary"

load more comments (6 replies)
[–] skisnow@lemmy.ca 36 points 1 week ago (2 children)

So far the combined might of the Russian, Chinese, American and North Korean hacking teams have been unable to crack the post-it note on my desk.

[–] Litebit@lemmy.world 11 points 6 days ago* (last edited 6 days ago) (1 children)

now they know where to look.

[–] skisnow@lemmy.ca 12 points 6 days ago (1 children)

If they're in my apartment I've already got bigger problems.

[–] ChaoticEntropy@feddit.uk 12 points 6 days ago

You didn't know they were coming, didn't tidy up, and now you feel awkward. The struggle is real.

[–] Kellenved@sh.itjust.works 3 points 6 days ago

Add an extra layer of security by putting it in an envelope and stapling it to the bottom of your desk

[–] dejected_warp_core@lemmy.world 29 points 1 week ago (2 children)

PSA: Home use? That's probably okay. Work use? If you're in-office, this is a ticking time-bomb that can get you fired, one way or another. Use the company 1password or whatever you have access to, please. Thank you.

[–] ChaoticEntropy@feddit.uk 5 points 6 days ago

InfoSec likes nothing more than for you to tell them not to worry because you write all your passwords down and only read emails after you've printed them. 100% secure.

[–] Frostbeard@lemmy.world 2 points 6 days ago

In my office I have a list that says passwords all nonsens and just as a decoy. I have a system that I use for rotation woth a visual reminder (by association, not directly) somwhere in my office

[–] CallMeAnAI@lemmy.world 25 points 1 week ago (8 children)

Best option for non techies at home.

load more comments (8 replies)
[–] bigbabybilly@lemmy.world 25 points 1 week ago (3 children)

Oh yeah, this is for my in-laws. This is peak boomer tech right here.

load more comments (3 replies)
[–] roserose56@lemmy.ca 22 points 1 week ago (4 children)
[–] zyberteq@lemmy.world 4 points 6 days ago

For a lot of people at 60+, writing things down is easier and safer. It will also help anyone that would need to troubleshoot or in the event of death in a very simple way.

load more comments (3 replies)
load more comments
view more: next ›