Manage Passwords Safely
This article applies to: Security & Policy
It's common to have dozens of passwords for things like Cornell resources, online banking, e-commerce sites such as eBay or Amazon, and other websites.
University policy forbids using your NetID password for other sites, and it is a poor security practice to use the same password for all sites, so multiple passwords are a requirement.
Create unique, strong passwords
- One for your Cornell NetID
- One each for any services that you want to keep very secure, such as logging on to your computer, online banking, or other key personal matters
- One in common for services where you are less concerned about security or if other people access the information
Consider using a password storage app
Password storage apps are the most secure way to store and manage passwords. They allow you to create one very strong password that is then used to encrypt and store all other passwords. Although password storage apps are useful for personal passwords, we don't recommend storing any Cornell credentials in any service.
Avoid writing passwords down
If you must write down a password, make sure the account with which it is associated is unclear. For example, if you had a money bank shaped like a cat when you were a kid, you might write “cat” next to your bank password to help you remember what the password is for.
Keep people from trespassing on your computer
- Lock your computer when you aren't using it. Don't use the password that unlocks your computer for any other purpose, and make sure it is strong.
- Keep browsers from giving away your information. Don’t use “remember password” utilities in your web browser or email client. They make it easy for someone to log into your accounts if they gain access to your computer.
- Encrypt any passwords stored on your computer, preferably with a password storage app.