Why not use something like Password Gorilla to store your passwords rather then writing them down? It would then only require you to remember one or two passwords to have access to your whole password list. Much more secure then all those passwords you have written down in your wallet.
About the TPM, yes it would work, and would do the job nicely when paired with a Smart Card (not a finger print reader). The gist is you have your Smart Card on you at all times, slap it in to the computer, and log on. There is quite a lot of behind the scenes stuff, but the idea is (if I remember this right) the Smart card is registed to the TPM, and the TPM approves the Smart Card when you plug it in to log on. The advantages are that the TPM is tamper proof and it exists outside the OS. However TPM's are soldered to the motherboard and only available on business line laptops/some business desktops (with VPro tech.).
Originally Posted by TheLastPriest
you could always just password protect a file, then keep a notepad file on the desktop with every character on the keyboard typed in then copy and paste to spell your password, that always messes with keyloggers, even some higher end spy programs that take screen shots because they usually screenshot every 10-60 seconds, too much delay to see what you are doing. At least thats how I beat my brother once.
That is a terribly inefficient and insecure way of doing things. Passwords are remembered via touch and muscle memory, not mentally. By day 5 out of the 90 days my departments passwords live, I know the passphrase by touch and have now idea of the specifics of it. In addition, what happens when you want to log into windows? or log in quick to check your e-mail? or when some one is looking over your shoulder?
Authentication is through:
Something you have (smart card), Something you are (finger prints), something you know(password).
If you want to enhance security you can combine this into multi-factor authentication. Two factor is the most recommended since it isn't too strenuous. Smart card authenticates to the TPM, and you enter a password to log into windows. Both are required, and without one, you cannot access the system.
About the RSA token, they are neat, but the RSA software is extremely expensive, and is not for consumer use.Edited by trueg50 - 5/18/11 at 6:53am