Password Managers

Harvard University’s Password Manager Offering

Harvard University has selected 1Password as the preferred password manager for use at the University.

Privacy Notice: Please be aware that this offering will require you to create a private vault within the HU 1Password vault. The main vault may be accessible by administrators and should not be used for your personal accounts.

About Password Managers

You'll hear many people tell you that "You should use a password manager!" But why? How does it benefit you? Aren't there dangers to storing all your passwords in a single place? ​​​​

Reasons to Use a Password Manager

1: Good Password Hygiene

We've all heard the advice "Have a complex password which is different for every site you visit." There's no way any of us could remember the hundreds of passwords needed for the sites we visit. A good password manager will help you create, store, and use strong passwords. Most modern password managers will also allow you to access those passwords from any device, including your phone.

Why are unique passwords important? While reusing a really strong password at multiple sites does mean that it will be easier to remember, there is a danger. If one of those sites is compromised, bad actors may walk away with lists of people's usernames and passwords. Since most websites use your email address as your username, these bad actors will frequently run scripts which check to see if you've used the same password at multiple sites. This is called "password stuffing."

2: Protection against Phishing

Bad actors often spend time recreating replicas of trusted websites. Sometimes these fake sites are indistinguishable from the real ones. However, a password manager isn't fooled by these fake sites. If the password manager doesn't recognize the site, it won't suggest a password. This can save you if you've fallen prey to a well-crafted phishing email.

3: Sharing Credentials

Many of us have passwords that we need to share with multiple people. This could be as simple as sharing your Netflix password with family members. Password managers allow you to securely share those passwords, and if necessary, un-share them.

Your HBS Credentials: There may be some accounts that need to be shared amongst colleagues. For example, you may have a social media account that multiple people manage. A password manager will allow you to share that safely, and easily un-share it if someone leaves the team.

However, your personal Harvard/HBS account should never be shared with others and should not be stored in the main 1Password vault.

Other Password Manager Services

There are numerous password managers available.

  • BitWarden

  • KeePass

  • Apple's Keychain is also a great solution if you only use Apple products.

What about using my browser to store passwords?

This is not recommended for sensitive accounts. Web browsers are fairly easy to break into, and lots of malware, browser extensions, and even honest software can extract sensitive information from them.