The answer to the question, are password books safe, is no, yes ah, oh dear, maybe!
The reason I say this is that no password recording strategy is a hundred percent safe. There are a lot of reasons why recording your passwords is not a good idea. For example, to be sure that you are as safe as you can be, you would need these three things to happen:
- You would need to have an incredible memory; remember 30+ character passwords (a mix of capital and lower case numbers, letters and symbols) for each website you visit
- The employees that work for the website you are visiting must be completely trustworthy and untrickable
- The online password safe you could be using must be unhackable
Human nature is always going to be human nature and if you can’t use a website because of those reasons then you need to record them somehow.
But are password books safe?
This brings me back to the maybe.
Of course if you have a book that is obviously a password book at first glance and you write everything down in it including your mother’s maiden name and your place of birth, then no. … but, and I stress the word but, they can be made one of the safest ways to record passwords.
There is no reason that you can’t write a random password down but also have a secret portion that is only in your memory.
This means that if someone steals your password book and tries to use the information in your book then it is useless to them.
Here’s how it might work
Example random password to be recorded in password book.
This should be different for each website.
dF$jB@msv!
Ezample word that is only in your memory.
This can be the same for all websites but I recommend having two, one for banking and shopping and another for everything else.
Tiger
Example combination:
dTFi$gjeBr@msv!
By adding in your memorised word in a pattern that you always use, you only need to remember the Tiger portion. In the above example I have done recorded, memorised, recorded, memorised until the memorised password ran out of letters and then used the rest of the recorded characters unaltered.
You could always add the whole memorised portion after the first, second or third character etc. For example, this could be: dF$TigerjB@msv!
Whichever you think is easier to do.
What about online password vaults?
As I mentioned above, there is no completely secure way of recording passwords. Passwords need to be complicated and different for each website you visit. Password vaults can be hacked and indeed they have been in the past. The advantage of a password vault is that they warn you if a site has been hacked, they can auto fill login information and you can get to your password information from practically anywhere.
You can use the above password method for password vaults as well and if you keep a password book safe then if you get locked out of your password vault for any reason then you can still get into your websites. If you do use this way to record login information, then you won’t be able to use the auto login function as they won’t have all your password.
The key to my password method is that however someone gets hold of your recorded password they shouldn’t be able to use it. If an employee of a website you joined is tricked into giving your whole password away then they will only have access to that one website because your passwords will be different for all the others. This limits the damage.
So, are password books safe? The answer is they can be safer than other methods if you are careful!
Full disclaimer: Ceri Clark has published two themed secret password books through Myrddin Publishing. Take a look at her cat themed book, Meow-nificent Kittens at http://cericlark.com/meow and her dog themed password book, Paws-itively Puppies at http://cericlark.com/woof