Password Managers

What is a password manager?

Password management applications are take the pain out of remembering multiple passwords. You just need to remember one unique, long, and complex password to access all of your saved passwords. A password manager handles generating, remembering, and filling in your passwords to all accounts it knows about.

Password Manager Options

Operating System-Based

Apple Devices

Starting in iOS 15 and macOS 12 (Monterey), Apple devices include a password manager that:

• Integrates with Safari

• Syncs via iCloud using the iCloud Keychain feature

• Supports generating MFA codes after parsing a QR code
  
  

  • Apple calls these "verification codes"

• Automatically fills password and MFA code fields for known accounts

Because iCloud Keychain synchronizes your saved password and MFA codes, you only need to set up a saved password and verification code on one of your iCloud Keychain-enabled devices, and it should be quickly available on all your other iCloud Keychain-enabled devices when signing in to Microsoft in Safari. If you have a Mac, most people find it easier to save new passwords and verification codes to iCloud Keychain on Mac.

macOS-First Setup

Follow the instructions below to confirm iCloud Keychain is enabled, and save your Geneseo password and verification code to be used by iOS Safari when signing in to Microsoft.

1. Open System Preferences, verify that you are signed in to iCloud. (Sign in if you are not.)
   
   

   Open

   

2. If the Keychain box is unchecked, click it. Please only click once, and be patient! It usually takes over 3 seconds for the checkbox to turn blue like the other enabled services.
   
   

   Open

   

3. Open Safari's Preferences, then on the AutoFill tab make sure User names and passwords is checked.

4. Sign in to manage your security info. Click Save Password when prompted after submitting your password.
   
   

5. Follow our Other Authenticator instructions to add a new MFA method. When you are given a QR code, right click it, then click Set Up Verification Code. Select the microsoftonline.com account with your email address to the right, and click Add Verification Code
   
   
   

6. You should now have a Verification Code attached to your microsoftonline.com saved password in Safari. Use this code to complete the Authenticator app setup.
   
   

7. Click your user icon in the top right of My Sign-Ins, click sign out, then sign in again.

8. When you focus in the username or password input text boxes, Safari should suggest your saved password. Click it, and either use Touch ID (if available) or your account password to decrypt your saved password and have Safari paste it in for you.
   
   

   
   
   
   

9. When you focus in the Authenticator code input text box, Safari should again suggest your saved account. When you click it (authenticating with Touch ID or your password), Safari will paste in your 6-digit code.
   
   

iOS-First Setup

If you have a Mac device, CIT recommends setting up your Geneseo saved password there, and using iCloud Keychain to synchronize that to your iOS device. If you don't have a Mac, it's still possible (and useful) to follow the instructions below to save your Geneseo password and verification code to be used by iOS Safari when signing in to Microsoft.

1. Start in Settings > Passwords

2. If you already have a saved password for your Geneseo account listed, skip ahead to step 3. Otherwise, tap the plus icon and create a new password entry with the following field data:

   1. Website: login.microsoftonline.com

   2. User Name: your Geneseo email address, example: gennysquirrel@geneseo.edu

   3. Password: your Geneseo password
      
      

      
      
      
      

3. Open Safari and sign in to manage your security info. If you only have one saved password for login.microsoftonline.com, you will see a blue button to confirm submitting that account. Otherwise, pick the suggested username you want, or tap the key icon to the right and pick your desired account.
   
   

   
   
   
   

4. Tap add sign-in method, choose Authenticator app, and tap Add.
   
   

   
   
   
   

5. Tap the blue I want to use a different authenticator app text. Tap the blue Next button.
   
   

   
   
   
   

6. Tap the copy button below the secret key next to copy the secret key to your device's clipboard.
   
   

   
   
   
   

7. Head back to Settings > Passwords, and tap on your the saved password for your Geneseo account you used in step 3.
   
   
   

8. Tap Set Up Verification Code, then Enter Setup Key. Tap in the text box, tap Paste, and tap OK. You should now have a new section above Notes containing a 6-digit code, and a countdown for its validity. 
   
   

   
   
   
   

9. Switch back to Safari, tap Next, tap in the Enter code text box, tap the autosuggested Verification code to automatically fill it from iCloud Keychain, and tap Next.
   
   
   

10. You should see a new "Authenticator app" / "Time-based one-time password (TOTP)" at the top of your authentication methods. You're done! 🎉

Browser-Based

All modern browsers will offer to save passwords when it detects you submitting them to websites. These saved passwords are encrypted, and most browsers also support synchronizing them across your other instances of that browser using their data sync service. Modern mobile operating systems such as Apple iOS and Google Android are starting to support integrating with these browser-based password managers, further extending the value of using your browser's data sync service.

However, with the exception of Safari, anyone with access to your unlocked computer can easily open your browser password list and read all of your passwords. Browser password managers can also be limiting when you need to use multiple browsers to access different services. They also usually can't store other secure information such mutli-factor authentication (MFA) codes.

•  

  • Automatically enabled in your browser of choice

  • No cost

  • No extra apps

  • Simple to get started with

  • Browser data sync services can make your passwords available across devices, including mobile

•  

  • Passwords are confined to that browser vendor

  • Only Safari supports generating MFA codes for your accounts as of mid-2022

Click on the icon for your preferred browser below to see how you can manage passwords with that browser.

1Password

The college has purchased a subscription to one of the best dedicated password management applications available - 1Password for teams. 1Password securely syncs your passwords across your computers and mobile devices ensuring you always have quick, secure access to all your passwords. It also has an excellent interface for accessing and managing those passwords. Additionally for Geneseo users, 1Password has robust sharing for managing passwords for services that you share with your team, such as departmental email accounts, external website logins, and social media accounts.

Please visit our article 1Password For Teams for more information on 1Password for teams at Geneseo.

Personal Password Manager

If you are looking for a personal password manager or do not have access to 1Password, BitWarden has a good free offering. There are some good articles available on how to get started using BitWarden and the importance of password management for faculty and students. Support for generating MFA codes for your accounts can be added with a $10/year subscription.

•  

  • Access from anywhere

  • Browser plug-in, mobile app, desktop app, and web-based versions

  • Some bonus features, such as data breach report

  • Can share passwords with one other person, such as a spouse or child

•  

  • Takes some upfront effort to get set-up

  • MFA code generation not included in free version

If you want to explore different password manager options, check out this article from Wirecutter: The Best Password Managers or passwordmanager.com to find a password manager that will work for you.

Related articles