Using a Password Manager

Password managers are applications that store your passwords securely and offer a mechanism for logging into websites without the need to remember all of your passwords. A brief list of tools can be found at the end of this page that have been assessed by the Cyber & Digital Security team, but there are plenty of others to choose from.

Benefits of using a password manager

• You do not have to remember all of your passwords, only your master password.
• You can have a unique and complex password for each account.
• You will save time by being able to copy and paste your passwords into systems or by using automatic form filler functionality.

Restrictions

Password managers may be used for all types of accounts. However, privileged account passwords should not be stored in cloud-based password management systems. 

Understanding your obligations

Don't forget that you are responsible for ensuring the security for all of your passwords, including your password file. Any loss of ANU passwords or password files must be reported to the Cyber & Digital Security team. 

Password management Tools

• KeePass
• KeePassX
• LastPass 
• Keychain
• Dashlane
• 1Password

Usage recommendations

Select a strong master password

It is essential to secure your password file with a strong master password. The master password or passphrase should be at least 16 characters (preferably more) and be memorable.

Enable two-factor authentication

Most password managers provide two-factor authentication that allows for an additional authentication mechanism to increase security. This could be as simple as a key file stored on a USB device to complement your password.

Create a unique and complex password

Use a complex and unique password or passphrase for each account that can be generated within a password manager application.

Separate personal and work passwords

You should use separate password files for work and personal passwords, and ensure that any backups are fully encrypted.

Don't forget that you are responsible for ensuring the security for all of your passwords, including your password file. Any loss of ANU passwords or password files must be reported to the Cyber & Digital Security team.