Would you trust Amazon or any huge corporation with all your login and passwords ?

So... It's a password book? Like, pen and paper?Not the best choice for storing passwords, but I'd be more willing to do that than trusting Amazon not to hold my passwords hostage with a digital service by them.

Here's the thing .. as crazy as a notebook with passwords sounds, it's not accessible to someone across the internet.

I'd rather people use this than reuse the same password everywhere.

I would trust it more than the biometric payment method they’re pushing in Whole Foods

Password managers check the URL before giving its data. A human being can be fooled into giving it to a fake web site.

Valid question. But this article is a physical book in your own hands. I am not saying this is safe or anything but has nothing to do with Amazon besides that they sell it.

This isn't even weird.

I think most security experts would recommend that you have your most important passwords written down somewhere, and then hopefully locked up in some safe or deposit box somewhere. You don't need to buy an entire book for it, but some people like to spend money.

If this is for your less important passwords, then for the most part, writing them down is actually better. You won't be as tempted to reuse your banking password for your social media. And some people like writing things down. A password manager is a better solution, but lots of people aren't as good with technology and if they even let the browser remember it, they won't know how to retrieve it later if they want to use a different computer, for example.

I would trust them with my Amazon password.

TBF, they can be fooled too.

Bitwarden warns against using autofill on load for that very reason, as then simply loading a malicious page might cause it to provide passwords to such a site.

And then, a human when a site doesn't autofill, is more likely to just go "huh, weird" and do it manually.

You've always got the human element, bypassing security features; but extra little hurdles like a password manager refusing to autofill an unknown url is at least one more opportunity for the user to recognize that something's wrong and back away.

If you're already used to manually typing in the auth details, you may not even notice you're not on the site you were expecting.

My password-manager is a script that gpg-decrypts to XDG_RUNTIME_DIR and then opens it in editor, encrypts back on changes. Is that bad?

I have a letter in my safe in the event of my death that contains all my passwords and accounts. I have also slipped in a dead man switch that she's unaware of that will wipe out my "collection of science".

Best option for non techies at home.

Yeah, It's actually quite a secure way to store passwords, since it requires physical access.

I knew a guy who had a drawer full of slips of paper with passwords written on. He called it the "security drawer". Made me smile, but probably shouldn't have been advertising it.

I've not found anything better. Storing on my computer, or worse someone else's computer, doesn't seem safe.

The trick is to use code language, and don't forget the code. Then you can use digital sources more freely, I feel.

Ah yes, the keep ass

Does anyone else know how to get into the safe?

My ex kept her's in an unprotected excel file. I never peeked, I was just surprised when I saw her accessing it on her laptop.