
I am not a security person, but I can't help but wonder where the advice of not writing things down comes from? I think my wife's password book on her desk is a lot safer than most computer experts.


That advice mostly originates from security folks working in workplace environments, where passwords that are written down may be visible to people who are threat vectors.


Password books are basically physical password managers. The only problem I have with them is that the passwords in most password books I've seen aren't very creative or random. As long as you write down randomly generated passwords instead of permutations of the names of your kids/pets/parents, I don't know what people are panicking about.

The perfect password book is combined with a word you remember but don't write down as a pepper, but I doubt it's much of a problem in practice; it takes one leak of an unhashed password to break the code.

I think for many the risk of someone breaking in and stealing your password book is much smaller than the risk of a centralised password manager getting hacked (LastPass and friends).
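The "book entry plus memorized pepper" scheme from the comment above, as an added, constructed example (not code posted by the commenter): random per-site strings go in the book, a word that is never written down is appended when the password is typed, and the `recover_pepper` function shows the failure the comment points out, that one plaintext leak plus a photo of the book hands over the pepper and with it every other site. The `site_password_hmac` variant and the `guess_pepper` dictionary loop are my own assumed extension: mixing the pepper through HMAC instead of concatenation keeps it out of the leaked string verbatim, but a weak pepper still falls to an offline guess because the attacker holds both the book entry and the leaked output.

```python
"""Added example of a password book combined with a memorized pepper.

Constructed illustration; nothing here is from the thread. Assumed design:
each site gets a random string written in the book, and the typed password
is that string combined with a word the owner never writes down.
"""
import hashlib
import hmac
import secrets
import string
from typing import Iterable, Optional

ALPHABET = string.ascii_letters + string.digits


def book_entry(length: int = 16) -> str:
    """Random per-site string to write in the book (secrets, not random)."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def site_password(entry: str, pepper: str) -> str:
    """The scheme as described in the comment: book entry plus pepper."""
    return entry + pepper


def recover_pepper(entry: str, leaked_password: str) -> Optional[str]:
    """If a site stored the password unhashed and it leaks, anyone who also
    photographed the book gets the pepper with one string operation."""
    if leaked_password.startswith(entry):
        return leaked_password[len(entry):]
    return None


def site_password_hmac(entry: str, pepper: str, length: int = 20) -> str:
    """Assumed variant (not from the thread): derive the typed password with
    HMAC so the leaked value no longer contains the pepper verbatim."""
    digest = hmac.new(pepper.encode(), entry.encode(), hashlib.sha256).hexdigest()
    return digest[:length]


def guess_pepper(entry: str, leaked_password: str, wordlist: Iterable[str]) -> Optional[str]:
    """A dictionary-word pepper still falls offline: the attacker has the book
    entry and the leaked output and can try candidate peppers at will."""
    for word in wordlist:
        if site_password_hmac(entry, word, len(leaked_password)) == leaked_password:
            return word
    return None


if __name__ == "__main__":
    entry = book_entry()
    pepper = "horse"  # constructed, deliberately weak pepper
    leaked = site_password(entry, pepper)
    print("pepper recovered from plaintext leak:", recover_pepper(entry, leaked))
    leaked_hmac = site_password_hmac(entry, pepper)
    print("pepper guessed from HMAC variant:",
          guess_pepper(entry, leaked_hmac, ["cat", "dog", "horse"]))
```

The HMAC variant only buys something if the pepper is itself long and random, at which point the memorized word is doing the work the book was supposed to do; the comment's point stands either way.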


My fear with a password book (wife has one, different than OP) is it getting lost or destroyed.


I worry about this more with things like hardware keys / flash storage


Say your wife is a well known Bitcoin billionaire.

And your wife bought something from my eBay store. Now I have your home address.

And if I am a ruthless character then I quietly break into your house one day with the objective of leaving no sign I was ever there. Search for written down passwords, take a photo, leave.


Okay, so assuming you get past this theoretical billionaire's physical security (at a minimum gated fences and an alarm system; if they're actually a billionaire, probably 24/7 armed private security as well) and into their mansion, how long do you think it would take you to search their 7 bedroom 10000 square foot mansion for these written down passwords which you have no information as to whether they even exist?


If you're going to rob a billionaire, you're probably not doing it cartoon style.

You'd find a legit way into the house.


You get Tom Cruise to do the job of course.


Ahahaha


You get hired as a cleaner


So the "Live, Laugh, Love" sticker on the kitchen wall isn't safe? /s


Hilarious


Why make it so complex? Just do a title search online and you’ll get access to their address if they own a home.


Unless they own it in a trust.


Of course it's obvious there's many ways to get someone's address.

The point is that companies put vast effort into digital security but in many cases it's easily compromised by going to the home of the person that is the hacking target.


If they schlep to your house and successfully break in they might as well tie you up and beat the password and whatever info they need out of you.

Especially if your parents accidentally left you home alone...


Someone kept theirs in their wallet, and their passphrase showed up on a publicly released police body cam the other day when their insurance was checked or something.


I think it’s reasonable advice for most people. The alternative is usually having a simpler password which is worse if your threat model is ‘hashed password shows up in big breach’. If your threat model is ‘someone turns up to your house to get your password’ your worry should not be theft of the paper.


The biggest threat with this scheme is you. After that your kids, your house keeper, your friends and visitors.


It comes from the threat model, having a password book on your desk in a cubicle is absolutely not secure.

On a desk at home? It is marginal, certainly a burglary is a low frequency event, but we also have events like fire that make it insecure in other ways.



