Did you know the average user visits 25 web sites per day? 73% of users use THE SAME PASSWORD to log into sites that require authentication. Do you know what the length of the average password is? SIX CHARACTERS! Care to guess how long that takes to crack a six character password? THREE-SECONDS!
It seems like every site we go to wants us to create an account. Keeping up with login information can get out of hand. What’s worse is that it promotes the practice of re-using credentials (BAD); it promotes the use of short or uncomplicated passwords (BAD); it promotes the practice of writing down passwords (Yep. That’s really BAD).
One way to keep up with the plethora of passwords is to use a password manager application. Some of these include names like “LastPass” or “Dashlane”. These applications not only store your credentials securely, they offer other benefits such as cross-platform use (e.g. your workstation and or your smartphone) a password generator and integration with two-factor authentication methods. Some even offer enterprise management that support the applications across a business (or a family?).
These applications can generate some really complex passwords - passwords that you have no chance of remembering - but the application will remember. All you have to do is to remember ONE really good password - the one that access the password vault.
Several of these products are on the market. Most of them have no-cost versions as well as premium versions available. While the university doesn’t provide these services at this time, OIT recommends their use over keeping lists or “sticky-notes” with credentials stuck above your screen.
While OIT doesn’t provide support for these applications, we can make a couple of recommendations to you when shopping around:
1. IF two-factor authentication is available - USE IT! Not only would a good, strong password protect your information, a token - like the one generated by most two-factor systems - would add a layer of security to your password vault.
2. PAY FOR THE PREMIUM VERSION! - The cost of most of these products is less than $1 per month. You get the added features of being able to integrate all your devices with the password vault as well as integration with two-factor systems and tokens such as YubiKey. The maxim, “You get what you pay for” really applies here.
There’s a great PC-Magazine article that compares the various password managers that are available. You can check it out at https://tiny.utk.edu/password-managers (Yes…that link is OKAY to follow - if you don’t trust it, search for “comparison of password managers” in your favorite search engine).
As always, DON’T share your password with ANYONE; DON’T re-use credentials (especially your NETID password); DO use 12-characters (okay…at least nine or ten characters) when creating your passwords.
It seems like every site we go to wants us to create an account. Keeping up with login information can get out of hand. What’s worse is that it promotes the practice of re-using credentials (BAD); it promotes the use of short or uncomplicated passwords (BAD); it promotes the practice of writing down passwords (Yep. That’s really BAD).
One way to keep up with the plethora of passwords is to use a password manager application. Some of these include names like “LastPass” or “Dashlane”. These applications not only store your credentials securely, they offer other benefits such as cross-platform use (e.g. your workstation and or your smartphone) a password generator and integration with two-factor authentication methods. Some even offer enterprise management that support the applications across a business (or a family?).
These applications can generate some really complex passwords - passwords that you have no chance of remembering - but the application will remember. All you have to do is to remember ONE really good password - the one that access the password vault.
Several of these products are on the market. Most of them have no-cost versions as well as premium versions available. While the university doesn’t provide these services at this time, OIT recommends their use over keeping lists or “sticky-notes” with credentials stuck above your screen.
While OIT doesn’t provide support for these applications, we can make a couple of recommendations to you when shopping around:
1. IF two-factor authentication is available - USE IT! Not only would a good, strong password protect your information, a token - like the one generated by most two-factor systems - would add a layer of security to your password vault.
2. PAY FOR THE PREMIUM VERSION! - The cost of most of these products is less than $1 per month. You get the added features of being able to integrate all your devices with the password vault as well as integration with two-factor systems and tokens such as YubiKey. The maxim, “You get what you pay for” really applies here.
There’s a great PC-Magazine article that compares the various password managers that are available. You can check it out at https://tiny.utk.edu/password-managers (Yes…that link is OKAY to follow - if you don’t trust it, search for “comparison of password managers” in your favorite search engine).
As always, DON’T share your password with ANYONE; DON’T re-use credentials (especially your NETID password); DO use 12-characters (okay…at least nine or ten characters) when creating your passwords.
Date Added
Oct 03, 2014