informa
/
IT Life
News

Can't Recall Passwords? Write Them Down

Flying in the face of convention, a security expert is now telling users to write down passwords and stick the slip of paper in their wallets.
Flying in the face of convention, a security expert is now telling users to write down passwords and stick the slip of paper in their wallets.

Such advice flies in the face of long-running counsel to not put passwords on paper. But security guru Bruce Schneier -- who is also the founder and chief technology officer of Counterpane Internet Security -- told users to forget the old advice.

"People can no longer remember passwords good enough to reliably defend against dictionary attacks, and are much more secure if they choose a password too complicated to remember and then write it down," Schneier wrote in his online security newsletter.

"We're all good at securing small pieces of paper. I recommend that people write their valuable passwords down on a small piece of paper, and keep it with their other valuable small pieces of paper -- in their wallet."

To account for a lost wallet, Schneier urged users to finesse the paper record by writing "bank" rather than the bank's URL, or by omitting a username.

"Writing down your impossible-to-memorize password is more secure than making your password easy to memorize," he said.