I find tatooing very long passwords on the underneath the tongue of interns (in cipher text) especially effective. Excluding drunken debauchery, it takes the consent of two people to unlock the password. (I'm kidding, its not cipher text!) Deepak Jain AiNET On Mon, 1 May 2000, Shawn McMahon wrote:
A lengthy discussion of why wouldn't be on topic here in NANOG, but it's a basic principle of computer security that if your password is so long that you must write it down to remember it, it is by definition too long.
It is better to have a less-"secure" password that is not written down anywhere.
If you must write a password down somewhere, it should be in a safe-deposit box that nobody has access to, so that it can only be recovered after your death.
If you must write a password down electronically, it should encrypted, which makes it no better than the password of the encrypted database, so passwords should just plain flat never be so long that you have to write them down.
The Gnu Keyring exists so that:
1) We can keep track of more passwords as securely as possible.
2) We can keep track of too-long passwords assigned to us by well-meaning folks.
3) We can keep track of long non-password numbers without having to haul around dangerous things like credit cards. :-)
If you worked for me, I'd ask you to destroy that piece of paper and not do it again.
On Mon, 1 May 2000, Bennett Todd wrote:
I recommend instead picking an _exceptionally_ strong, computer-generated random password for the keyring itself, and writing it down on a slip of paper in your wallet until you've used it enough times to memorize it.