Passwords written down on a sticky sheet or kept in a notebook are a relatively safe way to manage passwords. There is little chance the cybercriminal would try to access your home and rob your password book. Of course, the risk increases if you carry the notebook around in public.
Reusing the same password isn't a good idea either. It may be convenient – you only have to write it down once, and don't have to leaf through dozens of pages to find what you need – but it also makes you vulnerable if that one password is ever exposed in a data breach.
Users may believe that writing passwords down on paper and storing them in their office or on sticky notes is secure, but this method is actually risky. Papers can get lost or even fall into the hands of cybercriminals, giving them immediate access to your raw, unencrypted login information.
Your master password shouldn't be the same as any other password that you have created, and should never be written down or stored anywhere but your own mind.
The best way to safely generate, store, and keep track of your passwords is to use a password manager app like LastPass. A password manager encrypts your passwords and stores them in a vault locked behind a master password, as well as advanced protective measures like multifactor authentication.
First, don't keep your passwords on your phone. It can be hard to remember all of them, but if you store one on your phone, you're putting your data at risk.
If your device is hacked or stolen, storing passwords on your device gives hackers easy access to all of your accounts and personal information. Although it might be tempting and convenient, you should never save passwords on your phone, tablet, or computer.
Yes, it's true, writing down all your passwords on paper and keeping that hidden in your home is more secure than a password manager. But that does not mean it's better. People who write down passwords are more likely to reuse passwords.
-Don't use easily guessed passwords, such as “password” or “user.” -Do not choose passwords based upon details that may not be as confidential as you'd expect, such as your birth date, your Social Security or phone number, or names of family members. -Do not use words that can be found in the dictionary.
Sending a password over a text message is risky since there is no security or encryption to protect it from anyone who may intercept it. If your mobile device gets into the wrong hands, your texts are readable to anyone who manages to gain unauthorized access.
Avoid using words that can be found in the dictionary. For example, swimming1 would be a weak password. Random passwords are the strongest. If you're having trouble creating one, you can use a password generator instead.
The next thing an attacker will probably try after guessing the most common passwords is a dictionary attack. To avoid this, don't use a normal word as your password.
In conclusion…
You will never achieve 100% security when it comes to passwords, but on balance, it feels safer writing passwords into a book that you can physically hold onto and put somewhere discrete. Nevertheless, password managers have a lot to offer in terms of convenience and efficiency.
Thus, they remain the worst passwords you can set for your online accounts. Examples of ill-conceived passwords include 123456, password, and qwerty, which is the set of the first 6 alphabets on a laptop or smartphone keyboard. Some other styles of similar patterned passwords include 123456789, 111111, and 1q2w3e.
Everybody should use a password manager because it offers proper password management and advanced security protection. People who don't use password managers often use the same simple passwords for all their accounts, leaving them vulnerable to breaches and hacks. Password managers are effective and offer great value.
Password managers can be hacked if your device is infected with malware. In this case, typing the master password will get it recorded, and cybercriminals will gain full access to the data stored.
iCloud Keychain is a good option for storing passwords on Apple devices in a relatively secure fashion. It can help users choose strong passwords and make them easily accessible with the AutoFill feature.
Hash all passwords
Never store passwords in plain text. Always create a hash from them and store the hash instead. In password storage, hashing is superior to encryption since a hash can't be reversed.
Potential Drawbacks to Password Managers
Keep in mind that Google-stored passwords are only as secure as the devices you're using. If your device has been corrupted by malware, there's a chance your master password (and by extension all of your passwords) could be pilfered.