On 17 Dec 2024 20:44 +0000, from debian-u...@howorth.org.uk: >> https://www.ncsc.gov.uk/blog-post/what-does-ncsc-think-password-managers > > I tend to agree but I'll play Devil's Advocate here. > > If I was NCSC would I prefer to break a few password managers or > millions of individual passwords?
Counterpoint: Absent a password manager, people in general are _terrible_ at coming up with and remembering _good_ passwords. Especially the hundreds (or more) of passwords you can easily get to after being on the Internet for a while. And yes, a little black book can definitely be a password manager (assuming that you have some other way of generating good random passwords). In fact, for some people that might even be better than a digital solution, because a lot of people who have a poor grasp of digital information security _do_ still have a decent grasp of security surrounding physical possessions. They might not readily grasp the implications of handing their unlocked phone over to a stranger, but they probably do grasp the implications of handing their home keys over to the same stranger. -- Michael Kjörling 🔗 https://michael.kjorling.se
