rofl.
I have around 1300 passwords in Keepass, most of them are 20 characters including symbols.
Good luck writing those passwords every time you need to login...
I used pen and paper for a decade now. I have a folder and preprinted forms where I note passwords with pens. The folder had like 20 sheets. This worked pretty well and is without doubt the most secure variant -- I always have my folder with me. Note that this only stores the important passwords. I use weak and dumb passwords for non-important services (similar to disposable email boxes).
Anyway I want to change to a paperless variant due to the increasing amount of "important" services.
I have a friend who does the same, but a folder with password is not encrypted. If it's stolen, or you just leave it somewhere by mistake, or if you leave it on a table while you piss, byebye security... A hacker only needs your old yahoo password to hack everything else.
Please use at least Keepass, it has a master password, it is encrypted all the time if you want, it can have browser integration, it can upload the encrypted DB to the cloud..
That's true. However, in general I trust my environment so much more than "the whole Internet" which potentially can gain access to my systems. In fact, I don't think encrypting password managers (even in their simplicity such as https://www.passwordstore.org/) prevent typical use cases: If your home account is compromised, it is easy manipulate the workflow and subsequently decrypt your virtual password storage.
"Another potential complication for the company is that public filings show that three senior executives, including chief financial officer John Gamble, sold shares worth almost $1.8m in the days after the attack was detected."
