When older family members have entire notebooks dedicated to logging obscure, easily-hackable passwords, but then download any app in the world that promises to "make your phone run like new!" (by using 30MB more RAM on God-knows how much malware)
We aren't doing a good job of educating people if anyone we know can fall victim to those kinds of hackneyed procedures and snake-oil apps. It's almost painful to watch, and have to be the bad guy by telling someone dear to me they've been making things worse for themselves because of a seemingly harmless app that they were almost proud of.

  • 3
    You said it: non IT users have no education about "the Internet" and new technology in general.

    That's a real problem and I'm not sure someone is trying to solve that issue.
  • 2
    The real problem is that they do not want to be educated at all.
  • 1
    FWIW: if your notepad only exists in a secure place and there's only a single copy of it, I really don't consider it to be that bad. If the alternative is easily guessable passwords, having secure passwords written down in a notebook is a better alternative.

    I tend to agree with Google's threat model for Chrome. If you have physical access to their password book, you also probably have physical access to their computer.
  • 0
    @plttn Having a hard-copy of passwords isn't a security issue. It's more of a sanity issue, because they're trying to keep track of a bunch of different passwords that really have nothing inherently secure about them. In other words, they're putting an obnoxious amount of effort into what they think is "security," but the actual password is maybe eight characters and has common, non-alphabet characters mixed in.
    Maybe I should write a program that cracks their passwords by brute-force, and when they see how easy it is then they'll listen.
Add Comment