by temporarara 865 days ago
No. I will never put all my passwords into some black box, no matter how it is pitched to me, and certainly I won't pay for that "privilege". I have all my passwords written down on a sheet of paper, slightly obfuscated to make them pretty much worthless even if someone found them (actually I have multiple copies, stored in multiple places). They are all mnemonic to begin with. So if my computer dies, for example, my life continues just like before.

I don't have "real" social media accounts to begin with, so my life won't be ruined even if someone cracked all my passwords. Mostly it's just accounts for various online shops I've used during the years. I really don't care if someone hacks those. And access to my bank is pretty much worthless if you don't have my phone and the PIN code sheet too. Well, I don't have big money in the bank anyway, so the crime doesn't pay well in any case.

> I will never put all my passwords into some black box […]. I have all my passwords written down on a sheet of paper, slightly obfuscated to make them pretty much worthless even if someone found them (actually I have multiple copies, stored in multiple places).

Is this satire?

Well, his sheets of paper could be obtained by 10s to 100s of people with physical access who then might figure out the obfuscation (or burn down in a fire, but copies mitigate that).

Some fancy password manager service can be attacked by anyone with a network connection or the budget to buy the company. And there's an actual incentive to attack the password service because it doesn't just have parent's passwords, it has many passwords.

I think the only downside to the sheet of paper is that people with physical access are probably more likely to be specifically interested in you, and therefore willing to put in the effort to figure it out. But they'd probably figure it out anyway if they're that interested (install a keylogger or camera or something).

> And there's an actual incentive to attack the password service because it doesn't just have parent's passwords, it has many passwords.

For sure, but hopefully folks are using solutions where the provider can't decrypt their data, much less attackers.

A lot of these cloud services you really have to rely on the hope that things are done in a sane way, now and into the future.

Have you ever had to hope that your lined paper wasn't going to fuck you over?

wow I never knew pass(1) cost money, how does that work? isn’t it GPL and all????

(KeePass2/KeePassXC are more user-friendly and free, Strongbox is another good front-end for KeePass files as well.)