Password Management Apps-yes or no?

Password management apps are great tools when used properly
Password management apps are great tools when used properly

Password management applications are great tools when used properly. It is a best practice to not use the same password for business applications and personal applications. There are some systems that might require changing a password sooner than others, so it’s hard to remember multiple passwords. Instead of writing down passwords, or keeping a document on your computer, password manager applications are the answer.

Setting up a profile in an application like LastPass is a great way to keep all your passwords in one place. You only have to remember one very strong password – the one securing your password profile. For help picking a strong password – watch this two minute video from Sophos security: https://youtu.be/pMPhBEoVulQ


Some best practices for using a password manager application would be:

• Set up two-factor authentication if the password manager supports it

• The master password should be strong – at least 10 characters long, using uppercase letters, lowercase letters, numbers, and a special character

• Never use the master password for any other account

• Change the master password periodically if there is concern of a risk (such as the LastPass master password breach incident: https://krebsonsecurity.com/2015/06/password-manager-lastpass-warns-of-breach/)

• Keep the passwords being managed up to date

• Keep the password manager application up to date


Do not respond to an email with your password. (To stay informed of phishing scams, subscribe to the phishing listserv: http://its.unl.edu/security/phishingunl)

If you have questions, contact the ITS security team at security@unl.edu.