Overcoming password overload

Do your passwords pass muster?  The answer for many of us surely would be "no." Some of us continue to use a single password for dozens of accounts. Those who have graduated to multiple passwords likely are carrying cheat sheets that easily could fall into the wrong hands. It's risky password behavior, either way, jeopardizing the security of the Iowa State network and any other networks we use.

Still, how are we to keep track of dozens, maybe hundreds, of unique, hard-to-crack passwords? Information technology services staff members have the answer: Password managers.

Manage your passwords

A password manager is an application that helps you organize and store your passwords, said information security officer Andy Weisskopf. Once you've set up your manager, logging in gets a lot easier. All you need do is remember one master password. The manager will do the rest, keeping your passwords nice and secure (on your device or in the cloud) and pulling them up when you need them. The manager also can generate unique passwords for each of your logins.

"A password manager is an excellent step to secure your identity," Weisskopf said. "As long as you create a strong master password and don't use it anywhere else, you'll have a robust, unique password on every site without having to remember it."

Popular password managers

Most, if not all, password managers use the standard 256-bit AES encryption. Most support Mac and Windows and many are available for mobile devices as well. ITS staff members offer this summary of five popular password managers.

  • LastPass supports Mac, Windows, iOS, Android and Linux. The manager stores your encrypted passwords in the cloud (online) and encrypts all data (including your master password) before it leaves your device. The basic version, which would satisfy most users' needs, is free.
  • 1Password supports Mac, Windows, iOS and Android. It can encrypt and store passwords locally (on your devices) or in the cloud. Users can access passwords within their Internet browser pages. There's a free trial for Mac and Windows applications. License costs are based on user numbers and platforms. Android and iOS apps are free, with more features for a fee.
  • KeePass Password Safe is an open-source manager, free and available for Windows, Mac, Linux, iOS, Android and Windows phone. It encrypts and stores passwords locally.
  • Dashlane supports Mac, Windows, iOS and Android. You can keep encrypted data locally on one device or sync it between multiple devices. Dashlane offers a free version (with ads and fewer features) than the paid premium version.
  • RoboForm started as a form-filling program and evolved into a password management application. It stores encrypted passwords in the cloud and integrates with browsers -- automatically filling out forms and logging you into services.  Some RoboForm apps are free. Unlimited access across various devices is free for those with a university address; others pay a fee for unlimited access.