Secure Password Storage & Management
There are a many simple methods to securely store and manage numerous passwords. Although all methods have their benefits and their shortcomings, below are a few good solutions, their recommended uses, and some info to get you started. Please also read our Password Checklist which consists of best practices for creating strong passwords and keeping them secure.
NOTE: ANY of these methods are better than storing your passwords in a notebook, on a sticky note on your monitor, under your keyboard, or in plain text on your computer.
1Password | KeePass & KeePassX |
LastPass:
Adequately secure
LastPass makes storing multiple passwords for websites and web services easy. It is available as a web browser add-on and an app giving you access to all your passwords anywhere, anytime - and it's free! SJSU affiliates can get LastPass Premium for free as well, which offers access from multiple types of devices and other features.
Create a LastPass Account for Free or SJSU LastPass Premium account (if you have a oneSJSU account)
-
- Create your LastPass Master Password
- Create a strong password that satisfies all of LastPass' minimum requirements
- Ensure that you are able to remember this password, so you can access your LastPass password vault
- You may add an optional password hint to help you remember your Master Password
- Create your LastPass Master Password
Get the LastPass Web Browser Add-On
-
- Choose your operating system > web browser > Download
- Once LastPass is added to your web browser, sign in
- Click the LastPass browser button in the top right corner of your browser
- Select "Login" at the bottom of the pop-up box.
- Enter you email address and master password.
How to Begin Using LastPass
-
- Visit a website that requires a login and enter your password
- After logging in, a pop-up will appear in the upper right corner of your browser prompting you to add this site's login info to LastPass
- Click Add
- Now, when you visit this site, LastPass will autofill your login information for you
- Configure your settings: click on the LastPass icon in the upper right corner of your browser > Account Options > Extension Preferences
- Check "Automatically Log out when all browsers are closed"
- Check "Automatically Log out after idle (mins)" (15 minutes recommended)
- More recommendations to make your LastPass account more secure are available here:
https://www.makeuseof.com/tag/ways-supercharge-lastpass-security/
Keep in mind that LastPass will only save and autofill your passwords when you are logged into the web browser extension. Simply login using your email and Master Password whenever you begin browsing on your computer.
LastPass Mobile App
- Visit your phone's app store
- Search for LastPass and download the app
- Open the app and Login
- Your passwords should be synced from your web browser account
- Passwords used on your phone will also be stored in your account
1Password:
Adequately secure
1Password is a password manager developed by AgileBits Inc. where you users can keep passwords, software licenses, and other sensitive information. Your account is locked with a master password. 1Password is not free and charges a monthly fee.
Pick your Plan:
Usethis linkto decide which 1Password plan you would like to use andcreate an accountYou will create yourMaster Passwordwhile signing upYou will also receive an "Emergency Kit" which encompasses your "Sign-In Address", your email address, and your "Secret Key"Download the Emergency Kit, you will need all of the information given plus your master password to sign into your account
Now that your account is setup, go to the next section to download and install 1Password on your computer
Download & Install 1Password here:
Download Browser Extension
Configure Settings:
To optimize your use of 1Password, make sure to look through the settings and customize them for your preferences. Below are recommended setting configurations:
Open 1Password > Select 1Password in top left corner > Settings > SecurityAuto-Lock: Lock when computer is lockedLock after computer is idle for: 3 minutes
KeePass and KeePassXC
Very secure
KeePass is one of the most secure, robust, and free password managers available.
If you are at all concerned about security, we recommend giving KeePass a try.
Download KeePass here:
- Windows - KeePass: http://keepass.info/download.html
- You can install either KeePass 2.42.1 (more in depth) or 1.37 (lighter, more basic)
- To learn which one is right for you, check out this comparison page
- macOS - KeePassXC: https://keepassxc.org/
Configure your Settings
These recommended setting configurations will make your KeePass more secure.
Windows:
1. Automatically save when closing/locking the database
-
- KeePass > Tools > Options > Advanced
2. Lock workspace after the following idle time (seconds): 120 seconds
-
- KeePass > Tools > Options > Security
macOS:
1. Automatically save changes upon quit or lock
-
- KeePass > Preferences > General (2)
2. Automatically lock the database after a minute or 2
-
- KeePass > Preferences > Security