Well This Isn't Good...

I was at a conference recently and one of the presenters brought this little gem up in his presentation. Yes, that's right, this really is an honest to goodness "personal internet address & password logbook." I wish I was kidding. It's for sale, a best seller no less, on Amazon for $7.95!

What's worse is that it is one of three thousand, you read that right, 3,000 results that come back if you search on Amazon for "password book."

This isn't Amazon's fault, but OMG who would actually use something like this? Imagine you're traveling and lose this book. Kiss your identity goodbye because you just lost the keys to your kingdom.

I know people who keep lists of all their usernames and passwords and the web sites where they are used. This scares the you know what out of me as it's so unsafe. I was flabbergasted to see there's an entire business of slick little books designed to do the same thing. In 2019!

These things are available in every imaginable color, with crafty covers, tabbed, un-tabbed, with pockets, without pockets, the options are endless. Let me be clear, THESE BOOKS ARE A HUGE SECURITY RISK!

Please don't use these. I mean no disrespect to the individuals and organizations who create these, but given the cyber security threats that we are facing every single day, these things should be banned.

If you are a regular reader of my blog, you know that I am a huge proponent of password managers. Are they perfect? Of course not. Are they hack proof? Nothing is. Do they protect your sensitive username and password data as well as any other option presently available? You bet they do. Please do not write down your credentials on paper where they can be easily lost or stolen. Please use a password manager. Once you get acclimated to using one, you will seriously wonder how you manager your online accounts without one.

Password managers allow you to set very strong and random passwords for any site you need to log in to. The password manager remembers them for you. All you need to remember is one, very strong master password to unlock your password manager. I recommend making that master password a phrase that only you will know. Password managers encrypt your data, so without the master password, all anyone will have access to is gibberish. Most importantly, the companies that make passwords managers focus on these products and keeping them useful and secure. I doubt the publisher of your "personal internet address & password logbook" is overly concerned about your privacy and security.