[gowld]

Writing passwords on paper is recommended by security professionals, in the common case where your physical security is far more trustworthy than your digit security, because it supports the use of long, strong password. A 2FA device is very similar to a Post-It note.

[rtempaccount1]

Actually most security professionals have a serious downer on writing passwords down.

I can see some circumstances where it could make sense, as you say where physical security concerns are less of an issue.

That said I wouldn't say a 2FA device is like a post-it note really.

Assuming you're thinking about TOTP like google authenticator, access to the codes is protected by the devices' security, which adds a bit more to it than a post-it under a keyboard.

[redthrow]

For example Bruce Schneier recommends writing down the password and keeping it in a relatively safe place like the wallet (where people keep other sensitive information like credit card numbers).

https://www.schneier.com/blog/archives/2005/06/write_down_yo...

I don't think anyone recommends writing down the password on a post-it note and put it on the computer screen at work.

[kurtisc]

Even then, if it's an OS password (drive encryption n/inc) and they have physical access to the disks containing assets then it's already game over.