There are many articles written about the the need for robust passwords, and strong views are expressed on the ideal length and composition of a password, how often it should be changed and the kind of encryption schemes that should be used. This is an important subject, since there are several freely-available password-cracking programs that can make short work of decoding a weak password with a simple encryption scheme. However, while it is obviously desirable to have strong passwords to protect key systems and services, the physical security of the passwords is often given less attention. There is little point in having a strong password if it is freely available to anyone who happens to pass by, either on a list pinned to a notice board or in a plain-text file stored on an insecure workstation.
展开▼