Lock Down Passwords with a Password Manager

September 29, 2018

If you have a large pile of individual keys, how will anyone know which key fits into a particular lock? Similarly, we end up with a huge number of passwords since we know we need to maintain passwords that are unique for each system and hard to guess (which usually makes them hard to remember).

Enter the Password Manager! This tool will track all the details for you so that each ‘key’ (password) is stored securely and matched up to its corresponding ‘lock’ (site/system/application)

TAKE ACTION by completing one of these steps to lock down your login and up your password game, tell us about your experience and be entered into a drawing for a $50 Amazon gift card. 

  1. Set up LastPass password manager:
    1. https://lastpass.com/
    2. https://support.logmeininc.com/lastpass/get-started
  2. Set up Google two-factor authentication:
    1. https://its.ucsc.edu/google/security.html
  3. Set up a Password Recovery Email in CruzID Manager:
    1. This will allow you to change or reset your password through self-service
    2. https://cruzid.ucsc.edu/

Are my passwords safe?

Credentials (user IDs and passwords) are compromised all the time through direct target of an individual or hacking into a database. Once the hacker has your password they will try it on many different applications. UCSC Information Security subscribes to services that alert us to compromised credentials. Usernames and passwords are easily available for purchase through online black markets. There is a demand for personal information that can be used to facilitate cybercrime, and a robust supply of sources.

Why is a password manager important?

A password manager can generate strong, unique, random passwords for each of your accounts, store these passwords and help with the log on process. You will use a single master password to access all of your unique passwords. The password manager can prompt you so that you do not reuse or recycle existing credentials.

How do I get a password manager?

The ITS Division utilizes Enterprise LastPass (https://lastpass.com/) which offers a free consumer version that anyone can use. LastPass has published articles and videos to help you understand and use available features. https://support.logmeininc.com/lastpass/get-started

It’s simple to get started by creating an account, adding your sites and using LastPass to log into your sites.

Already using a password manager? Step up to two-factor.

Check to make sure your password manager provides two-factor authentication, set it up and use it! Two-factor provides extra security to protect your master password from getting hacked.