Password Manager Guidelines

This KB Article References: LastPass, LastPass Enterprise
This Information is Intended for:
Last Updated: January 04, 2023
Average Rating: Not Rated
Your feedback is important to us, help us by logging in to rate this article and provide feedback.

Password Manager Guidelines

When used properly, encrypted password managers can increase convenience and reduce risk by eliminating the need to reuse passwords or rely on weak passwords that are easy to remember. Even so, password managers can potentially expose our accounts to new risks that can be greatly reduced by following the below guidelines.

Do

  1. Use a long (16+ characters), strong (special characters, mixed case and numbers) master password that is NEVER reused on any other website or application.
  2. Enable two-factor authentication (2FA) on your password manager.
  3. Rotate or change your master password if you are concerned that it may have been compromised or once a year.
  4. Enable two-factor authentication for every account you store inside of your password manager.
  5. Reset any password that may have been compromised, or every year if you are unsure.

Do not

  1. Store two-factor authentication seeds in the same password manager as the corresponding password.
  2. Store high risk passwords of accounts that don’t have two-factor authentication enabled.
  3. Store master passwords inside of a password manager.
  4. Reuse your master password for any other account.
     

Additional Information


There are no additional resources available for this article.

Provide Feedback


Your feedback is important to us, help us by logging in to rate this article and provide feedback.

Sign in with NetID

Getting Help


The Division of Information Technology provides support on all of our services. If you require assistance please submit a support ticket through the IT Service Management system.

Submit A Quick Ticket

Supported By


Information Security Team