My passwords are so confidential I’m going to write them down on this notepad that says TOP SECRET PASSWORDS. I mean it – these passwords need to be kept SECURE and PRIVATE, so I’m going to WRITE THEM DOWN and label them “My Passwords for all my things that are online.” That will be the best way to keep them safe.
Seriously, don’t buy this.
Bret
on 01 May 08Are you more likely to use a harder-to-crack password if you write it down?
Writing down passwords is not that unreasonable of an idea.
SH
on 01 May 08It’s unreasonable to put TOP SECRET PASSWORD on the piece of paper you write your PASSWORDS down on.
Anonymous Coward
on 01 May 08Uh, it’s a joke. ThinkGeek makes clear it’s a joke.
SY
on 01 May 08Clearly it’s humour – as a cursory look at the other items further down the page would have confirmed?
Very average post compared to the last entry…
Joe
on 01 May 08That is clearly a joke product. Like this one.
ceejayoz
on 01 May 08Uh…
Tom G.
on 01 May 08Hmm… There should be a web site that does this somewhere…
Anonymous Coward
on 01 May 08UH…We get the fact that it’s a joke, people. The post is relating that information to you clearly. If you think your sense of humor is so sharp that it can pick up on the subtleties of comedy, perhaps you should read the post again. People need to lighten up and have some fun once in a while.
Kevin
on 01 May 08On a more serious note: If you’re on a Mac and looking for a way to securely manage passwords, check out 1Password. I just installed it a couple weeks ago and don’t know how I ever lived without it.
Paul Hart
on 02 May 08+1 to Bret’s link to the Schneier article above. It’s far better to use passwords that are impossible to remember and write those down somewhere safe than it is to have one or two passwords you can remember and use them everywhere. You may not want to include all the pertinent details that the form has, but the base suggestion is good.
Hans
on 02 May 08While obviously meant as a joke, in all seriousness, I might trust this tablet (hidden in a safe or locked desk drawer at home) moreso that an encrypted password file on my computer. One is potentially accessible only to physical intruders. The other is potentially accessible worldwide. Wonder what the odds of each happening really are.
Brendan
on 02 May 08Someone needs to get out more, perhaps go watch comedy hour at their local, so they can recognise it in future.
I’d love to get a stack of these – they’d make great conversation pieces.
And please make sure Sarah doesn’t visit the rest of the TG site, there is so much news-worthy (zOMG!) comedy gold there I’m not sure we can take it.
andrew
on 02 May 08True story: a colleague at a major financial institution phones the help desk for a password reset. We’re obliged to use the intranet about once every six months for compliance training, so of course we forget our passwords. The nice lady on the help desk asked him, “But don’t you write your password down somewhere?” He was speechless.
Brendan
on 02 May 08If only he had “the pad”. It would have all been ok then.
qwerty
on 02 May 08I can recommend online password manager Passpack. It’s not as stupid as it sounds: all data is en- and decrypted in the browser and only encrypted data goes over the wire and is stored on the server. If you trust the client-side encryption (whose could you could inspect), this is safe. Passpack has also good usability.
MZ
on 02 May 08@qwerty – You can trust client-side encryption but it’s not unreasonable to believe that there is a bigger possibility of someone compromising the Passprack server(s) than your home machine. In that case the intruder might get his hands on a ton of passwords. And there’s always the problem with a disgruntled employee that can access the passwords and wreac havoc for everyone. I don’t feel comfortable giving them to an online service, something like 1Password will do :)
Justin Knoll
on 02 May 08@MZ: The whole point of client-side encryption is that if someone compromises the Passpack server, they won’t get their hands on a ton of passwords, they’ll get their hands on a ton of ciphertext.
This is not an endorsement of Passpack, just a clarification.
MZ
on 02 May 08Justin Knoll – sure, but what about a disgruntled employee or general variety of insider threats? :) BTW, I have nothing remotely against Passpack, I just believe that people don’t think about all the possible problems before using an online service where they store confidential information.
Keith
on 02 May 08Classic ThinkGeek. I love it. It’d be even better on a T-shirt.
Joe Sak
on 02 May 08That site has dumb stuff.
Andy Kant
on 02 May 08While on the topic of password management, I’d recommend Password Safe. Its a bit more portable format, although the main app is Windows-based, there are some 3rd-party clients for Macs and Linux (I think they might all be Java-based and are a bit clunky…atleast Password Gorilla was but that was the best version I could find for my Mac).
Aaron
on 02 May 08This pad could work if someone had a sophisticated algorithm with which to disguise the actual passwords. That way they’d just need to remember one thing (how to transform the passwords on the pad) instead of many passwords.
Drew
on 02 May 08ThinkGeek is a damn funny site. I’ve actually gotten some good stuff from there, both gags and genuinely useful tools.
Greg
on 02 May 08The sheet is missing a warning that tha paswwords are ONLY to be viewed by persons inteneded. Anyone else viewing the passwords would be guilt of an ethics violation (hey! maybe we could pass a law…)
L
on 02 May 08I feel, if I can remember my passwords, it’s not secure enough.
Darcy McGee
on 02 May 08I run a password matrix that requires me to reset each and every password I use every 15 minutes.
It cross checks the password history between applications, so a recently used password in on application is not available to another.
If the password is not reset within the timeframe required, the system automatically triggers a lockout and I’m forced to answer a series of reminder questions, at which point the password is reset and sent to me by email.
I’ve never been hacked, at least not since I started this script process.
Daniel Miller
on 02 May 08...vows to say “For the heck” more from now on.
Gio
on 02 May 08BTW, this pad (and a bunch of the other products on Think Geek) are designed and manufactured by Knock Knock, a small product design company in Venice, CA. Very cool company.
Troy K
on 03 May 08I love the idea, I bought one and am going to give it to my father-in-law, who will actually use it— TFF :)
Not as Dumb as You Look
on 03 May 08Did you miss this in the ad??
Ok, who are we kidding – if you list your passwords on this, you deserve to have your identity stolen.
It’s a novelty item not worth mentioning in the first place,,,thanks for the time wasting post.
Tom
on 05 May 08Pop quiz. What’s more secure:
a) Re-using the same few easy to remember (and most likely easy to brute force crack) passwords across dozens or hundreds of websites, each of which has different security mechanisms and policies, many of which record your password in plaintext.
b) Using unique harder to remember passwords which you write down on a physical (un-hackable) piece of paper.
Graham
on 05 May 08I actually keep all my passwords on a backpack page called “Passwords.” But as Aaron suggested above, I have a little character substitution trick in my head to de-crypt them when I need them. If I only worked on one machine, I’d just stick a big post it note on my screen with all the passwords on it too.
Anna Lazcano
on 07 May 08This is really funny…
This discussion is closed.