Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

You can keep a physical password book. For someone to get it, they need to physically steal it. If you keep it at home in a fairly safe location, it seems fine to me.

If someone breaks into my home, they’ve got it. But that’s not a threat model that scales, so it’s not a major concern to me.



>You can keep a physical password book. [...] If you keep it at home in a fairly safe location,

But people are often away from home and want to log into websites and apps from their smartphone. A physical password book sitting at home is useless for that very common scenario. That "login from anywhere" is the typical motivation of gp's comment: "How can I keep passwords on 2 computers, an iPhone and iPad all in sync?"


Right, and instead of companies promising safety they can't deliver, it would be better to just be honest about the fact that it is hard.

And again, to take it a level further -- I would absolutely use a company's software under one, and only one condition -- indemnity/warranty.

Any company that is willing to go "If you get breached, we will pay for the harm" can absolutely take my money.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: