Password Managers | Pepperdine University | Pepperdine Community

Password Managers

With a password manager you never have to memorize more than one password!

A password manager can:

  • Secure and organize multiple passwords.
  • Generate extremely strong passwords that you don't have to memorize.
  • Use simple copy/paste or adanced web browser integration to input the appropriate password without typing.

A password manager is only as secure as:

  • The strength of your master pass phrase.
  • How well the company used cryptography in the app.

Support

The Information Security Office (ISO) lists the password manager programs below at the Recommended level, which means ISO has evaluated the application and determined:

    • The app meets high standards of security, limited only by the strength of your master passphrase.
    • The app meets minimum standards of user friendliness.

Security and usability feedback on Recommended programs is solicited for submission at infosec@pepperdine.edu.

CAUTION: Use of other apps instead of these recommended programs is risky, because they are NOT certified to do the job securely; many companies that sell security apps don't do a good job implementing encryption.

Tips

  1. Use a master pass phrase for your password manager that is easy-to-type and different than your Pepperdine NetworkID password [better security].
  2. Back up your password database with your normal file or disk backup methods [in case your storage fails or your device is stolen/lost].
  3. Sync your password manager database to cloud storage (if supported) so it can be securely shared between your computer and other devices.

CAUTION: Choose a strong master pass phrase that you can remember; without the master pass phrase no one can access the passwords, not even you!

Recommended Password Managers

KeePass and KeePassX

  • User Friendliness: C+
  • Cost: Free (Windows and Mac) or Paid (mobile). Access KeePass (Windows) from its home page, or KeePassX (Mac/Windows) from its download page.
  • Use Case: You intended to store all your passwords on a single computer.

Password Safe

  • User Friendliness: C
  • Cost: Free (Windows and Universal Java Version) or Paid (native versions for mobile & Mac) This password manager has both a free Windows and a free Java version (runs on any computer with Java). There are enhanced paid versions of the software for Mac, iOS, Android. Find more info about Password Safe at its Home Page or get the free Java version. Mac users will have to control-click and select OPEN to run the Java version the first time.
  • Use Case: You intended to store all your passwords on a single computer.

1Password

  • User Friendliness: A The browser integration and multi platform sync in this application, as well as its availability across all major operating systems and devices, may make it a worthwhile investment. 
  • Cost: Paid (free for mobile). Use the smartphone or tablet versions standalone for free or upgrade them to integrate with the paid desktop versions. More info on 1Password at their Home Page or purchase (Mac/Windows) or download free (iOS/Android) from links at their education store.
  • Use Case: You have a lot of passwords or intend to use them on multiple devices and keep them in sync.

Pepperdine LastPass Enterprise

Personal LastPass is NOT Recommended for University work.

  • User Friendliness: B+
  • Cost: Paid (Licensed by ISO). If this is the right Password Manager for your department's use case, contact ISO x4040 for a consultation; we have a limited number of licenses for testing through October 2017).
  • Use Case: Your technical or administrative team needs auditable management of many passwords, perhaps including those which must be securely shared between authorized users (e.g. Admin accounts like Unix root, Windows Administrator, database or service access passwords or financial account PINs). Pass phrase complexity and uniqueness can be audited.