You don't leave them on the desk. Lock them up with a key. Every office gives you file cabinet that locks.

That's basically an analog password manager, we have gone full circle.

Or we return the metaphor to github repos, having a separate cabinet is like having a secret vault so that secrets are not directly in plain view in the repo itself, which is exactly what you should be doing.

Not quite full circle as we have now agreed that writing your passwords down on paper is acceptable.

I'll grant you that, it's not the medium that matters. But pen on paper wasn't my objection, it was the post-it note on the bezel of your monitor.