Office of Information Technology

Password Managers

A Password Manager is software that helps you to store and organize passwords while only having to remember one master password to protect all the usernames and passwords you store in it. Later there are several examples of password managers.

Your master password needs to be very strong to protect your information. For more information about creating a strong password, check out our Password & Securing your Account page.

Why use a password manager?

  • You do not need to remember all your passwords. Free up brain power for more important things - like classes.
  • You will never have the same password for every website again!
  • Your passwords are encrypted and safe.
  • You will have stronger passwords that will be much harder to hack.
  • No more sticky notes everywhere.
  • Easy to use.
  • Your passwords will be organized and easy to reach!
  • Most of them allow you to synchronize your data to multiple devices and platforms (Google Drive, Dropbox…)

For more information about why to use password manager software: https://msevensoftware.com/password-manager

 

Two categories of password manager:

There are two kinds of password managers: Browser-based and dedicated password managers.

Web browsers – Chrome, Firefox, Internet Explorer, and others – all have integrated password managers. Each browser’s built-in password manager can’t compete with dedicated password managers. For one thing, Chrome and Internet Explorer store your passwords on your computer in an unencrypted* form.

Mozilla Firefox has a “master password” feature that allows you to encrypt* your saved passwords with a single “master” password, storing them on your computer in an encrypted format. However, Firefox’s password manager isn’t the ideal solution, either. The interface doesn’t help you generate random passwords and it lacks various features, such as cross-platform syncing* (Firefox can’t sync to iOS devices).

 *see vocabulary at the bottom of the page.

 

How to use a password manager?

You go on the website you want to log into. Instead of logging on directly, you use your password manager. Go to your password manager and enter your master password. Then it will automatically fill in your login information for that website. If you already are signed in to your password manager, it will fill up the blanks for you directly.

 

Some options of password managers:

STRIP

  • Free
  • STRIP works on all the platforms you use, including iPhone, iPad, Android, Windows Desktop and Mac OSX, keeping your information at your fingertips whether you're at home, in the office, or on the go.
  • Data entered into STRIP is fully encrypted with 256-bit AES using the peer-reviewed and open-source encryption engine SQLCipher, providing you with advanced protection against brute force and side channel attacks.
  • You can organize your information into Categories, Entries, and Fields. Define your own labels and set the data types to control behavior. You also can create templates.
  • Synchronize data changes across multiple platforms using Google Drive, Dropbox or WiFi.
  • STRIP lets you arrange your data how you want. That flexibility in part comes from our dynamic fields—the labels on each field control how the fields behave when e.g. a Website field allows you to launch a URL in your web browser, a Phone field will dial a number on your device's Phone app.

LastPass

  • LastPass generates a password for a new site, or complete an online order.
  • LastPass offers easy-to-use tools to generate complex passwords and then remembers them for you.
  • Sensitive data is only encrypted and decrypted locally, with a key that is never shared with LastPass. 256-bit AES encryption, one-way salted hashes, and PBKDF2 iterations ensure complete security with the power of syncing through the cloud.
  • You can synchronize your data across multiple platforms.
  • Provides options for multifactor authentication. By adding a second login step, you're better protecting your account - and the information you've stored in it.

Dashlane

  • It's free to download and use, but if you want your passwords synced across devices, you'll need Dashlane Premium, at $40/yr.
  • Dashlane supports Windows, OS X, Android, and iOS, and has plugins for Chrome, Firefox, Safari, and Internet Explorer.
  • Support for two factor authentication.
  • Allows you to share passwords with emergency contacts
  • Change multiple passwords on dozen of website with a few clicks.
  • Notifies you if you have an account on a website that is hacked.

KeePass

  • Free
  • Your passwords in KeePass are stored inside an encrypted database that you control, on your own system, and are never synced or uploaded anywhere unless you want to take them from machine to machine.
  • KeePass is also a portable app, meaning it's super easy to take with you and use on multiple computers, even if that machine is locked down and all you have is a thumb drive.
  • Own password generator, makes it unique and strong.

1Password

  • Flexible and easy to use
  • Works seamlessly in just about every web browser
  • Comes with a strong password generator to help you pick good passwords every time you change one, secure notes for other passwords or notes that you want to keep private.
  • Digital wallet for bank accounts and payment info
  • Password "recipe" builder that lets you customize your passwords to your demands instead of just accepting whatever algorithm the password generator spits out at you.
  • Can be used locally only, without syncing any information to the web, or you can use it across all of your devices by syncing your encrypted vault via Dropbox, iCloud, Wi-Fi, or shared network folders
  • You also can set up emergency contacts and share passwords with authorized users.

 

Vocabulary:

Encryption: Encryption is the conversion of electronic data into another form, called ciphertext, which cannot be easily understood by anyone except authorized parties (source: http://searchsecurity.techtarget.com/definition/encryption).

Cross-platform syncing: ability to share your data/information across different platforms, for example from your computer to Google Drive, or to your smartphone. 

 

Sources: 
http://lifehacker.com/5529133/five-best-password-managers
https://www.zetetic.net/strip/
http://www.howtogeek.com/141500/why-you-should-use-a-password-manager-and-how-to-get-started/
Images: https://passwarden.com/sleep_well & http://www.darkreading.com/perimeter/cartoon--end-user-security-prayer/d/d-id/1316122 

20 August 2015, Thursday 14:44
UA LogoABOUT UA | UAA | UAF | UAS | STATEWIDE OFFICES | UAONLINE

The University of Alaska is an AA/EO employer and educational institution and prohibits illegal discrimination against any individual. Learn more about UA's notice of nondiscrimination.
UA is committed to providing accessible websites. Learn more about UA's notice of web accessibility.
This site is maintained by OIT. For questions or concerns, please contact the OIT Support Center.
For questions or comments regarding this page, contact helpdesk@alaska.edu.

Back to Top