A passphrase is a sentence or series of five or six words — comprised of letters, numbers, and/or symbols used along with your Network ID to log into your IU account. Passphrases are more secure than passwords because they contain more characters. They can also be easier to remember than passwords.
Use a passphrase to secure your account
Learn More About IU passphrases
More about IU Passphrases
By their nature, people pick passwords that are easier to remember. This also makes these passwords easy for online criminals to crack. When administrators introduce complex or random passwords for added security, it leads to frustrating password resets or insecure storage of passwords in easy-to-access spots.
Passphrases offer a balance between memory and security. By extending the length, complexity requirements are reduced, allowing almost any character, word, or symbol.
A passphrase can be something easy to remember – like a favorite song lyric or book passage – but with more characters, making it more difficult for hackers to guess. Choose something unique to your experience to ensure a more secure and memorable way to protect your valuable data.
While passphrases are easier to remember, balancing multiple accounts can still become difficult to maintain. A passphrase vault securely records multiple passwords and passphrases protected behind a single strong passphrase. This balance of security and convenience helps protect your accounts while making it easier to manage your stored passphrases.
Think of a passphrase vault like a bank vault: the vault combination protects its contents the same as your main passphrase can allow you to access your stored passphrases.
Encrypt the passphrase vault with a strong main passphrase of your choosing. If an attacker is somehow able to obtain the raw password vault file, your vault passphrase will still protect your other passwords from being decrypted.
Ensure the main passphrase is unique. If the login credentials used for a particular website are compromised by a data breach, keeping a unique vault passphrase will ensure that the other passwords and passphrases in the vault will still be protected.
Protect the password vault file. Passphrase vaults typically save their content in a file somewhere on your device. Storing this vault file on a system other than your computer's hard drive adds another layer of complexity. If you store your vault file on a mobile device such as a USB drive, ensure that they are encrypted, as they are more likely to be lost or stolen than a desktop computer.
Clear the clipboard. Some programs allow the copy and paste of passphrases for convenience. This also means that the passphrase is stored in the clipboard as clear text to be pasted again, until more text is copied later. Windows computers can save multiple bodies of text at once, and thus require additional steps to clear the clipboard.
Never leave your computer logged in and unattended. If your vault is unlocked and left unattended, anyone can sit down at your computer and read or write down your passphrases. This makes logging off or locking your computer when you step away critical. This is also a best practice for your devices in general.
Use caution storing your passphrases in the cloud. Due to vulnerabilities such as databases being compromised, it is recommended that users exercise caution using cloud-based vaults. See the next fold for cloud-based passphrase vaults approved by the university.
- 1Password (IU Login Required) - Multiple Desktop and Mobile Platforms - Free through enterprise deal
- KeePass - Multiple Desktop and Mobile Platforms - Free
- Lavasoft PC-Mac PasswordVault Lite - Supports Multiple Desktop OS - Free for up to 15 passphrases
- Password Gorilla - Supports Multiple Desktop OS - Free
- Password Safe - Windows - Free
University Use:
- 1Password (IU Login Required) - Multiple Desktop and Mobile Platforms - Free through enterprise deal
- Cyber-Ark Enterprise Password Vault - Enterprise