Password Management
Contents
Updated Password Requirements (Washington State Alignment)
The Evergreen State College has updated its password requirements to align with Washington State security standards. These standards emphasize improving real-world security while reducing user burden.
Password Managers
With these updated requirements, users are encouraged to adopt a password manager to securely store and generate strong, unique passwords.
Why Use a Password Manager?
- Generates strong, random passwords
- Reduces password reuse
- Securely stores and autofills credentials
- Helps comply with Evergreen and state security expectations
Strong password usage is one of the most effective protections against unauthorized access and cyberattacks.
Browser Password Managers (Not Recommended)
While convenient, the college does not recommend relying on browser-based password managers (such as Chrome, Edge, Firefox, or Safari) as a primary solution.
Key Concerns
- Weaker security models
- Often lack zero-knowledge encryption or advanced protections
- Exposure to browser-based threats
- Browsers are common targets for malware, phishing, and malicious extensions
- Credential/key storage risks
- Encryption keys may be stored in predictable or accessible locations
- Shared attack surface
- Passwords are stored in the same environment used for web browsing, increasing risk
- Limited enterprise features
- Lack secure sharing, auditing, and organizational controls
Browser managers are better than reusing passwords - but dedicated password managers provide significantly stronger protection.
Recommended Password Managers
The following tools are commonly recommended for Evergreen users. These recommendations are non-binding and do not constitute official endorsement or support. Additional details are available through the provided links.
| Tool | Best For | Key Points | Use Cases |
|---|---|---|---|
| 1Password | Most users across devices | Cross-platform; strong security; autofill, sharing, sync | Multi-device users; teams; easy all-in-one solution |
| KeePass | Advanced / security-focused users | Free, open-source; offline; highly customizable | No cloud preference; IT/technical users |
| Apple Passwords | Apple-only users | Built-in; sync via iCloud; autofill + alerts | Apple ecosystem; simple, no-cost option |
Summary
- Evergreen is aligning with Washington State and NIST-based password standards
- Password managers are strongly encouraged to support secure practices
- Dedicated password managers are preferred over browser-based options
Additional Guidance
- Never share your password with anyone
- Enable MFA wherever possible
- Report suspected compromised accounts immediately to IT email: support@evergreen.edu or call: (360) 867-6627
