[CharlesW]

> I will never put all my passwords into some black box […]. I have all my passwords written down in a sheet of paper slightly obfuscated to make them pretty much worthless even if someone found them (actually I have multiple copies, stored in multiple places).

Is this satire?

[ifyoubuildit]

Well, his sheets of paper could be obtained by 10s to 100s of people with physical access who then might figure out the obfuscation (or burn down in a fire, but copies mitigate that).

Some fancy password manager service can be attacked by anyone with a network connection or the budget to buy the company. And there's an actual incentive to attack the password service because it doesn't just have parent's passwords, it has many passwords.

I think the only downside to the sheet of paper is that people with physical access are probably more likely to be specifically interested in you, and therefore willing to put in the effort to figure it out. But they'd probably figure it out anyway if they're that interested (install a keylogger or camera or something).

[CharlesW]

> And there's an actual incentive to attack the password service because it doesn't just have parent's passwords, it has many passwords.

For sure, but hopefully folks are using solutions where the provider can't decrypt their data, much less attackers.

[ifyoubuildit]

A lot of these cloud services you really have to rely on the hope that things are done in a sane way, now and into the future.

Have you ever had to hope that your lined paper wasn't going to fuck you over?