Password management is hard, but my parents really have a hard time following/remembering the basics. I am looking for a fool proof guide that I can print out and add it to the fridge for my parents to follow. Beyond passwords, a guide around avoiding scams/phishing/etc.
Print out a tabular sheet of<p><pre><code> Website name | account name | password | Date last changed | Notes (check qs and additional login info)
</code></pre>
I am doing this for my 80yo mentee.<p>Paper is safer imho. I'd love to take him to a password store but he's ipad and integrations are poor. The built in Keystore is fine: he just forgets which ones he's reused. Chrome does good checks if you love Google.<p>2FA needed. I wish it wasn't SIM/txt but for now it's all I can reliably get him to apart from Apple "check trusted device"<p>Distinct pw per account is increasingly vital. Seniors have shitloads of risk in their pension banking and related.
What does being ~50 years old have to do with anything? I'm 50 and I'm the one who designs and implements those login screens, password managers, authentication databases etc etc...<p>The actual question is why haven't we solved authention in a way that would work for most people? Passwords suck. Webauth sucks. Two-factor sucks more than you can ever imagine. There isn't a way to authenticate that wouldn't suck for normal people (apart from password-less one-time sessions but those don't solve most auth problems).<p>That said, what's wrong with the time-tested way of Post-IT notes? No, it's not secure but it's one of the only ways that actually works with normal non-autistic people. Or like @ggm said above, a paper with login codes attached to their fridge with magnets. It just f*cking works.
Use a password manager. Let it generate and remember passwords. Built-in to MacOS/iOS/iPadOS, including MFA. I switched my parents to iPads a few years ago, terminating my frustrating <i>pro bono</i> IT support contract with them.
My dad locks himself of accounts on a weekly basis. Paper is the only system that is anyway reliable. Ultimately, the only 100% system is me, although not always convenient.<p>He used to manage fine when he could use the same password for everything but alas those days are gone.<p>Funnily enough I had to hack into his account last week since he was locked out and the only way back in was a phone call to the bank which I was able to make and answer every question required for a reset. It was basically standard name address and date of birth stuff.