Photo: Steven Puetzer/Getty Images

As far as opsec goes, writing down a password on a piece of paper isn’t the worst idea. Provided you can put that piece of paper somewhere — tucked inside a copy of Infinite Jest, beneath the footbed of a pair of particularly rank sneakers — where nobody but you will ever find it. The idea here being it’s a hell of a lot harder, short of somebody finding your hiding place, to hack a piece of paper than it is to hack a password manager, or a Google doc, or any other internet-connected place you might have stored your information. This, of course, all goes out the window if you forget that piece of paper at a public bus stop in Washington, D.C., which is what White House staffer Ryan McAvoy reportedly did earlier this month.

A White House staffer wrote his encrypted email password on White House letterhead and then left it at a bus stop https://t.co/7cpgAuflMw pic.twitter.com/qJ1Xsqg0G7 — Sam Biddle (@samfbiddle) March 17, 2018

McAvoy wrote down his username and password for encrypted email platform ProtonMail, the Intercept reports. Depending on how secure McAvoy’s account was — like if he uses two-factor authentication — it might not have been possible to log on using the information found at the bus stop. It’s also unclear if this was McAvoy’s personal email or a professional account. Either way, it’s still not a great look for the Trump administration. An administration that historically has been so fond of calling certain other people out for lax email security.