LastPass Password Manager Adoption

ISO Position Paper

Position Title: LastPass Password Manager Adoption

Position Audience: Princeton University Community

Contact Information Security Office: [email protected]

Position Release Date: August 1, 2019

Updated: January 18, 2024

Problem Statement

One of the weakest links in password security is often how they are stored. It is not uncommon for people to have more than 50 passwords across all of the different services they utilize today. Good password hygiene dictates that all 50+ should be long, strong, and unique. As such, many resort to storing these passwords in spreadsheets, writing them on sticky notes, or saving them in their browser. All of these methods are insecure and put those passwords, and the information they protect, at risk.

ISO Position

All members of the University community should use a quality password manager such as LastPass. The University has partnered with LastPass to offer its LastPass Enterprise and Personal Premium products at no charge to the individual. The ISO recommends that LastPass be adopted in order to increase security and lower risk for the University.

Additional Information

LastPass for Princeton webpage

LastPass Knowledge Base article

Data classification: Public