
I have heard it is also how NSA secure their personal passwords, they keep them in a little black book because there is no scalable attack to get access to them at rest.



And because a little black book might be carried in a pocket and potentially misplaced or stolen, some teams use a system of small self-adhesive pieces of paper, each with just a single password on it, that are attached to the front of the PC. This in turn is secured by a cable lock to the desk.


I'm not and never have been NSA, but I nonetheless have a sordid past with what is arguably a related line of work. This is how I manage my passwords.

In environments where regular rotations are required, I print off a new "biscuit" via `(date ; pwgen $PWGEN_FLAGS) | lpr`. I then append to the candidate password something of a personal identifier that only I know.


It’s legal to have one login to a top classified computer and save your lower classification passwords there.

A few coworkers identified which systems allowed us to re-use passwords, fixed passwords, non-expiring reset passwords, etc. Warning signs with the password on the back too.


> no scalable attack

On-demand RICO says hello, https://westworld.fandom.com/wiki/RICO



