It depends on your threat model of course, but in most situations an attacker that is physically near you is less concerning than an attacker that can be anywhere in the world.
In most cases I'd rather you had a twelve character random string written on a post it attached to your monitor than the password "password" not written down anywhere.
In most cases I'd rather you had a twelve character random string written on a post it attached to your monitor than the password "password" not written down anywhere.