*So we are at a point where just a strong password stored in memory is actually ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		reaperducer 77 days ago \| parent \| context \| favorite \| on: Gmail's backup codes are useless to access account So we are at a point where just a strong password stored in memory is actually the safest option (given brute force protection)? The safest option is straight out of 1994: Sticky notes. Security keys can get lost or stolen. If someone breaks into your house or office, they're going after something other than a sticky note in your desk.

modeless 77 days ago [–]

Passwords on sticky notes can be phished. They can also be lost or stolen. The advantage of security keys is that phishing doesn't work on them. Phishing is a lot more likely for the vast majority of people than a thief both stealing their security key and knowing what to do with it.

Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact