Password managers are applications that can be used to store and generate unique passwords for websites and services. They are usually locked by a single master password that is required to access the other stored passwords. Most password managers include web browser plugins that automatically fill in passwords to online services for you. Using a password manager prevents a single compromised password from being able to unlock your other online accounts. Using a password manager helps employees comply with UVU Policy 447 Section 4.2.1 which states:
All device owners shall ensure passwords used on their devices are not easily guessable by attackers.
Employees are responsible for the security of their account passwords, including the security of any password managers they choose to use to manage those passwords. UVU security does not provide subscriptions for premium password managers. However, many free password managers are available:
LastPass is a freemium password manager that stores encrypted passwords online. LastPass comes with a web interface, browser plugins, and smartphone app. All of your content in LastPass, including passwords and secure notes, is protected by one master password. The content can be synchronized to any device you use. Information is encrypted with AES-256 encryption with PBKDF2 SHA-256, salted hashes. Encryption and decryption takes place at the device level.
LastPass can generate passwords for sites that you visit in your web browser and save these passwords to be auto-filled later on. It can also be used to store other sensitive notes and keys. LastPass allows you to set a password hint for your master password in case your forget it. LastPass also allows for the use of two-factor authentication to unlock your password vault.
1Password is a password manager that store various passwords, software licenses, and other sensitive information in a virtual vault that is locked with a PBKDF2-guarded master password. By default this vault is stored on the company's servers for a monthly fee. 1Password can be set up to only store password files locally, and not sync with remote servers. It can also be set up so that files are synchronized through Dropbox, local Wi-Fi, iCloud, and 1Password.com. Some of these features are only available on iOS and macOS.
1Password subscriptions begin at $3 a month for personal plans, with family and business plans available. 1Password allows for the use of two-factor authentication to unlock your password vault. Apps are available for macOS and iOS, with browser extensions available as well.
KeePass Password Safe is a free and open-source password manager primarily for Windows. It also officially supports macOS and Linux. Additionally, there are several unofficial ports for Windows Phone, Android, iOS, and BlackBerry devices. KeePass stores usernames, passwords, and other fields, including free-form notes and file attachments, in an encrypted file. This file can be protected by a master password, key file, and/or the current Windows account details. By default, the KeePass database is stored on a local file system and is not synced to the cloud.
The password vault can be locked with a master password or a key file. If both methods are used, then both must be present to access the password database. KeePass can encrypt the database with the AES or Twofish, or ChaCha20 symmetric ciphers. It has a password generator and synchronization function, and supports two-factor authentication. It can use a two-channel auto-type obfuscation feature to offer additional protection against keyloggers. KeePass can import from over 30 other most commonly used password managers.
Dashlane is a freemium password manager app and secure digital wallet. The app is available for macOS, Windows, iOS and Android. The app's premium tier enables users to securely sync their data between an unlimited number of devices on all platforms. By default, the wallet is stored on the company's servers, but there is an option to keep it on the user's device instead. Dashlane protects passwords locally using AES-256 encryption, and users can only access their account information by using a single master password. The app has a digital wallet that can aggregate credit cards, bank accounts, IDs and other personal information, as well as automatically fill that information for users during online experiences like check-out.
A free version is available, with syncing disabled after the first month. Premium account holders are able to back up their data and sync it across unlimited devices.