What Is The Safest Place To Keep Your Passwords?

Your brain, your browser, your Password Manager or your Password Notebook?

This question pops up often. There’s quite a bit of discussion and research in the cybersecurity community exploring the pros and cons of different approaches.

We’ve listed every password storage option the cyber pros debate, and provided some food for thought about each one.

— Anthony Collette
Founder, Loistava Information Security

What is the safest place to keep your passwords?

You have these options:

  • Your Brain — The passwords of the past simply don’t keep us safe online anymore. So creating multiple passwords simple enough to memorize is a weak strategy. One exception would be to memorize the master passphrase for your Password Manager (and store a paper copy).

  • A Sticky Note — A common favorite (ha!) but not the best solution when all of us have 100+ online accounts.

  • A Word or Excel File — This approach is strongly discouraged because if hackers gain access to your laptop or workstation, then they get access to all of your online accounts.

  • Your Browser — Cybersecurity researchers have persuasively demonstrated that saving passwords in your browser on a Windows, Mac or Linux laptop or workstation is not secure. There’s no evidence I’m aware of which points to the same problem using the built-in Google Password Manager on a Chromebook. If you’d like to learn more, you can search online for the term “infostealers” or follow researcher Britton White on LinkedIn.

  • Your Password Book — Although you’ll see “experts” sometimes badmouth physical Password Notebooks, they’re a perfectly acceptable alternative for people of any age. It’s totally fine to write down then securely store your passwords. Digital storage is more convenient, but at least with a Password Notebook, you’ve eliminated some online threats. Just be sure your Password Notebook is stored securely away from family and visitors. Well-known and highly respected cybersecurity author Roger Grimes had this to say about printed password books:

  • Your Password Manager — This is the best solution for most people. Your Password Manager will create a Modern Password for you, quickly and almost effortlessly, with just a click or two. It’ll remember that new password forever, no need to even try to memorize it. And when you visit the site again, your Password Manager will type that long, complex, unique password into the website’s login page for you.

  • Consumer Single Sign-On (SSO) (“sign in with Google, Apple, Microsoft, etc.”) — Although convenient, what happens if your Google/Apple/Microsoft account is hacked? Password Managers match the convenience factor here, and by using a Password Manager for every online account, your sign-in experience will be predictable every time.

Where should you not store your password?

It’s generally best to avoid sticky notes and little pieces of paper. You’ll also want to avoid storing password lists in an unencrypted document on your laptop or workstation.

How do password managers work?

Password Managers create, store, remember and type out your passwords when you log in to each online account. They also check to make sure that the login page you're using is legit, and not a fake page created by some Digital Klepto™ trying to scam you.
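As an added illustration (not code from the original article or from any Password Manager product), here is the kind of check that lets a Password Manager refuse to fill on a fake login page. The vault entry, the URLs and the function names are constructed, and comparing exact origins is a simplifying assumption; real products apply their own matching rules.

```javascript
// Added example: the origin check a password manager performs before autofill.
// The vault entry and every URL below are constructed for illustration.
const vault = [
  { origin: "https://accounts.example.com", username: "alice",
    password: "constructed-placeholder" },
];

// Reduce a page URL to its origin (scheme + host + port).
// Returns null for unparseable URLs and for anything that is not HTTPS.
function pageOrigin(pageUrl) {
  let url;
  try {
    url = new URL(pageUrl);
  } catch {
    return null;
  }
  if (url.protocol !== "https:") return null;
  // .origin lowercases the host, drops the default port, and ignores any
  // "user@" prefix or path, so only the real destination is compared.
  return url.origin;
}

// Return saved credentials only when the page origin equals the saved origin.
function credentialsFor(pageUrl) {
  const origin = pageOrigin(pageUrl);
  if (origin === null) return null;
  const entry = vault.find((e) => e.origin === origin);
  return entry ? { username: entry.username, password: entry.password } : null;
}

// Constructed pages: the real site, then pages that only look like it.
const samplePages = [
  "https://accounts.example.com/signin?next=%2F",
  "https://ACCOUNTS.EXAMPLE.COM:443/signin",
  "http://accounts.example.com/signin",
  "https://accounts.example.com.signin-check.test/",
  "https://accounts.example.com@signin-check.test/",
  "https://accounts-example.test/signin",
];

// Report, per page, whether the manager would offer to fill.
function auditPages(pages) {
  return pages.map((p) => ({ page: p, fill: credentialsFor(p) !== null }));
}

for (const row of auditPages(samplePages)) {
  console.log(row.fill ? "FILL  " : "REFUSE", row.page);
}
```

A person reading the address bar can miss these differences; the comparison above does not.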

You can eliminate 95% of the pain of passwords right now by using a Password Manager. You can be:

  • Free from the chore of thinking up passwords.

  • Free from the burden of memorizing passwords.

  • Free from the worry of forgetting passwords.

  • Free from the bother of typing passwords.

  • Free from the hassle of frequently resetting passwords.

Can hackers see my saved passwords?

If you’ve saved them in your browser’s built-in password manager, the unfortunate answer is yes. The Chief Information Security Officer of Chapman University explains how and why that’s a problem best avoided. If you’ve stored them in an unencrypted word processing document or a spreadsheet, then hackers can definitely get all your passwords if they gain access to your device.

What is the safest password manager?

Some of the most highly respected Password Managers are 1Password, Bitwarden, Proton Pass, and Dashlane. Not all password managers are created equal. Before choosing one, consider whether they’ve been hacked and, if so, how serious it was. Have they been fined?

Password Managers Are The Safest Way To Store Passwords

This really is the best solution for most people, most of the time.

If you’ve never used one before, you’ll get the hang of it quickly. Plus, once you’re all set up, your Password Manager will log you in to most accounts easily without any typing required. So not only is it secure, it’s also a huge time-saver.

Password Managers are an elegant solution to a painful problem.
