Griffith has partnered with LastPass, a password manager to help you create, store and manage strong, unique passwords for all of your Griffith Enterprise accounts.
This Cyber security improvement is an integral part of the Griffith University Integrity Program. Hackers break into computers by guessing passwords. A strong password provides essential protection from identity theft. LastPass is a tool that can help you manage your passwords securely. Remember, cyber security is everyone's business!
- LastPass remembers passwords in your vault and logs you into your online accounts as you work.
- Provides secure methods to store and share Enterprise passwords.
- Promotes the use of long and complex passwords - perform a Security Challenge for feedback on your password strength and tips to improve your passwords.
- Access LastPass with a single Master Password - your Master Password should be strong, unique and memorable. If you forget or lose the password to your LastPass Enterprise account, Griffith or LastPass can not reset your password.
- LastPass Enterprise is available to store Griffith Enterprise passwords - it is not recommended to store personal information. Set up a personal LastPass Free account and link it to your Griffith Enterprise account.
- Griffith LastPass administrators do not have access to information stored in enterprise accounts; administrators can only perform management activities such as provisioning or deleting an account and security metrics.
Master Passwords: What you need to know
With LastPass, you can have one strong "master" password to protect the passwords of all your other accounts. You are prompted to create the Master Password when you initially sign up for your LastPass account. You will be required to change your master password every 180 days.
When setting a master password you must:
- Create a long, strong master password that is memorable. Consider making a passphrase similar to: 2020TravelMadagascarveryexcited!
- Never share your master password with anyone, including Griffith or LastPass administrators.
- Never use your master password as the password for any other account, including your University account. It should be unique.
- Create at least one master password recovery option (e.g. password hint, SMS).
- Never forget your Master Password.
Griffith or LastPass can not reset your password or recover any of your stored data. If you forget your password and do not have a recovery option set, we can only delete your account and provision a new account. This configuration is intentional – it ensures that no one else has access to your passwords or private information.
When to use LastPass
Storing website passwords
Securely store your Enterprise passwords, sites, form fills and secure notes in your LastPass vault.
Securely store and manage team passwords
Use the Sharing centre to share an item (username, password, Secure Note, etc.) with another LastPass user.
Keep Non-Griffith (personal) passwords separate
We do not recommend storing your personal information in your Griffith Enterprise account. Find out how to create a personal LastPass account and link it to your Griffith Enterprise account.
Do the Last Pass Security Challenge to see if your passwords are too simple, reused in multiple places or potentially compromised.