Secure your other passphrases
Considerations |
Protect your passphrases
Do not write down any passphrase and store it in a visible location. A sticky note placed on the underside of a keyboard or on the side of your monitor is not a secure passphrase storage location. Anyone with physical access to your workstation will easily be able to get this passphrase.
Enroll in multi-factor authentication
Where possible, enroll online accounts in multi-factor authentication. A passphrase alone is no longer considered secure for many online services. Ideally, use an authenticator app with your phone, or if that option does not exist, use MFA via text message or email codes.
Create a guest account on your computer
Instead of sharing your computer passphrase, create a guest user account for non-regular users. This will help keep your passphrase—as well as your documents linked to your other account—safe.
Secure passphrase storage
If you use multiple different passphrases to access different electronic resources, you may find it difficult to manage all of this information. University Systems recommends the use of KeePass XC to securely store these passphrases. KeePass XC allows you to enter your username/passphrase combination required to access different resources and stores these in an encrypted, passphrase protected file that you can store in a secure location such as a UVic file share or your M365 OneDrive. You can access the passphrases when needed using the KeePass XC application from your computer or mobile device.
KeePass XC uses the same password safe database format (KBDX) as the older KeePass application. If you previously used KeePass, this database will work with KeePass XC as well.
KeePass XC is available for a variety of devices including and as a browser plugin. KeePass XC also provides a on configuring and using the program. Please ensure that you keep your master passphrase safely memorized. If you lose this passphrase, your KeePass XC database will be inaccessible. If you share this passphrase with another person, he/she will have access to your passphrases.
This eliminates the need to record or write passphrases on paper or other physical object that can be lost or stolen.
To further prevent access to this secure passphrase storage, ensure that only authorized users can access your computer or mobile device by protecting it with a username and passphrase or a passcode. Ensure that your laptop is set to lock after 15 minutes of inactivity and prompt for a username and passphrase to unlock. This will reduce the risk of an unauthorized user from easily accessing your laptop and having an opportunity to access KeePass XC.