People love to use the same password over and over again, or they invent some amazing scheme like the same single word followed by their birth year, or replacing a’s with 4’s. And no matter how many password databases get hacked, the idea that password security matters doesn’t seem to really sink in.
When I do get someone to listen, I tell them to use diceware-generated passwords and then write them down in a little book and guard the book jealously (actually, I tell them to use a password manager, but most people seem to balk at using software, I think for fear of losing their passwords).
But then they often ask the sensible question: “What if someone steals that book?” And so I suggest a ‘two factor’ solution.
Continue reading: Two factor paper passwords | John Graham-Cumming