[kwlug-disc] 2FA Google Authentication and Best Practices with passwords

CrankyOldBugger crankyoldbugger at gmail.com
Fri Feb 4 22:18:19 EST 2022


If it helps, BitWarden (and I assume other password managers) can export
your passwords to a json or csv file easily enough.  I know that this means
storing your passwords digitally to begin with, but the export option would
make for an easy job making your printed password list.



On Fri, Feb 4, 2022 at 9:54 PM Paul Nijjar via kwlug-disc <
kwlug-disc at kwlug.org> wrote:

>
> Do you keep a photocopy of the book someplace? What happens if
> termites eat your passwords?
>
> I think this is a reasonable approach, but when I did something
> similar I found I was not being disciplined enough about making very
> long and very distinct passwords for each site.
>
> - Paul
>
> On Fri, Feb 04, 2022 at 04:39:33PM -0500, Doug Moen wrote:
> > I keep all my passwords written in a paper book, not a computer or
> digital device.
> > I use longish passphrases, not "secure passwords" that I have no hope of
> memorizing.
> > I use a different password for each site, so if one site is compromised,
> the others aren't also compromised.
> >
> > My wife knows where the book is, so if I'm incapacitated and she needs
> my password for some reason, it's easily accessible.
> >
> > I do not store my passwords digitally. Computers are inherently insecure
> and untrustworthy, so if my password is stored digitally in a device that
> is directly or indirectly connected to the internet, then I assume that
> password is compromised. Computers are also way too complicated. A paper
> book is simple, robust and is impervious to remote exploits.
> >
> > As always, you should think about your threat model when choosing how to
> do something digital. Different threat models => different methods. Also,
> any choice you make inherently has compromises. In my case, I obtain
> simplicity, robustness and imperviousness to remote exploit at the expense
> of less secure passwords (passphrases that I can memorize, vs base64
> encoded 256 bit random numbers or whatever).
> >
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> https://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20220204/68fa3757/attachment.htm>


More information about the kwlug-disc mailing list