ISO Position Paper
Position Title: LastPass Password Manager Adoption
Position Audience: Princeton University Community
Contact Information Security Office: [email protected]
Position Release Date: August 1, 2019
One of the weakest links in password security is often how they are stored. It is not uncommon
for people to have more than 50 passwords across all of the different services they utilize today.
Good password hygiene dictates that all 50+ should be long, strong, and unique. As such,
many resort to storing these passwords in spreadsheets, writing them on sticky notes, or saving
them in their browser. All of these methods are insecure and put those passwords, and the
information they protect, at risk.
All members of the University community should use a quality password manager such as
LastPass. The University has partnered with LastPass to offer its LastPass Enterprise and
Personal Premium products at no charge to the individual. The ISO recommends that LastPass
be adopted in order to increase security and lower risk for the University.
In the near future, there will be areas of the University where LastPass will be mandatory on a
Data classification: Public