Passwords and password managers

Passwords protect you only if you protect them. To keep your information from being stolen, choose your passwords wisely, don't use the same password twice, and use a password manager.

Passwords

Choosing a password

  • Longer passwords are best.
  • Try using a sentence ("passphrase") about something personal, e.g. "Harry & Isabel were married 76 years!"
  • Complexity helps: use a mix of upper and lower case letters, numbers, and special characters.
  • Don't re-use passwords: use a different password for every account or site you use.

Multi-factor authentication

The factors used for authentication are generally:

  • Something you know, e.g. a password or what a crosswalk looks like.
  • Something you possess, e.g. a phone or a security device.
  • Something inherent to you, such as a fingerprint or your retina.

Two-factor authentication uses two of these factors, usually a password plus something else, such as a code sent to your cell phone. Some security systems require three.

Whenever multi-factor is an option, you should choose to use it. That way, even if your password is compromised, your personal information will not be.

Password managers

A password manager is a computer program that allows you to store, generate and manage your personal passwords for online services. There are many excellent password managers available for personal use, such as Bitwarden, 1Password, Dashlane, Keeper, and KeePass.

Advantages

  • You need to know only one password -- the one for your password manager. It is called a "master password".
  • You can easily create and use strong passwords that are different for every account or site.
  • You can automatically update changed passwords in the database.
  • You can easily find and log in to the sites and accounts you use, across all of your devices.
  • You can store other digital assets, such as your driver's license or vaccination record, in the same secure database.
  • Similarly, you can access other things you have stored -- passports, social security numbers, etc. -- across all of your devices.

How it works

A good password manager:

  • Assists in generating and retrieving complex passwords.
  • Stores passwords in an encrypted database or calculates them on demand.
  • Uses "Zero-Knowledge" encryption, which is just about impossible to crack because your master password is not stored. What IS stored is proof that you have the password.
  • Encrypts and decrypts data on your device using your master password.
  • Uploads encrypted data to a server. The data is synced from the server with other devices when those devices authenticate or when you manually initiate a sync.
  • Can be installed as an extension on your computer browsers, such as Chrome or Safari.
  • Can be installed on your phone and tablet as an app.
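
The "master password is not stored, only proof that you have it" idea from the list above, as an added Python example that is not from the original page or from any particular password manager. The iteration count, the two derivation labels and the record layout are assumptions, and the example covers key derivation and login only, not the vault encryption itself.

```python
import hashlib
import hmac
import os

KDF_ITERATIONS = 600_000  # assumed work factor, chosen for illustration


def derive_master_key(master_password: str, salt: bytes) -> bytes:
    """Stretch the master password into a 32-byte key. Runs only on the device."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode(), salt, KDF_ITERATIONS)


def split_keys(master_key: bytes):
    """Derive two unrelated values from the master key (labels are assumptions)."""
    vault_key = hmac.new(master_key, b"vault-encryption", hashlib.sha256).digest()
    login_proof = hmac.new(master_key, b"server-login", hashlib.sha256).digest()
    return vault_key, login_proof  # vault_key never leaves the device


def enroll(master_password: str, salt: bytes) -> dict:
    """Build the record the server keeps: the salt and a hash of the login proof."""
    _, login_proof = split_keys(derive_master_key(master_password, salt))
    return {"salt": salt, "proof_hash": hashlib.sha256(login_proof).digest()}


def server_verify(record: dict, login_proof: bytes) -> bool:
    """Server side: constant-time check of the proof; no password is involved."""
    return hmac.compare_digest(hashlib.sha256(login_proof).digest(), record["proof_hash"])


def client_login(master_password: str, record: dict):
    """Device side: return the vault key if the server accepts the proof, else None."""
    vault_key, login_proof = split_keys(derive_master_key(master_password, record["salt"]))
    return vault_key if server_verify(record, login_proof) else None


if __name__ == "__main__":
    # Constructed sample input: the passphrase is the example from this page.
    record = enroll("Harry & Isabel were married 76 years!", os.urandom(16))
    print("server stores:", {k: v.hex() for k, v in record.items()})
    print("right password unlocks:", client_login("Harry & Isabel were married 76 years!", record) is not None)
    print("wrong password unlocks:", client_login("harry & isabel", record) is not None)
```

The server record holds neither the master password nor the vault key, so someone who copies it still has to guess the master password, which is why the length advice earlier on this page matters most for that one password.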

Be prepared

  • Keep your digital assets documented in your password manager.
  • Share passwords and other digital assets of your choice with a person or persons of your choice, e.g. the person who will handle your affairs if you become incapacitated or die, or your spouse or another person with whom you share assets and responsibilities.
  • Those with whom you share have their own password manager accounts and passwords -- they don't need to know your master password.