My school laptop blocked extensions

my school laptop forces us to use google chrome(we also have safari but its really behind on updates and an admin password is needed to update it and stuff like honorlock wouldnt even work there). I have been using a password manager(bitwarden) and made an account just for school accounts to be stored). Now extensions are blocked so should I just use more basic passwords(not 123 but also not the 20+ randomized character stuff) or should I store my passwords within chrome. Its also not sustainable to just use my phones password manager because like we aren’t supposed to have our phones and getting my phone back from the teacher every time i need a password isn’t sustainable. One thing I am worried about with using chromes password manager is someone just grabbing my laptop when im not looking and taking my passwords.
tldr: should i use more basic 10-12 character passwords(not the school issued one) and reuse it on multiple sites or should i use chromes built in password manager.

Maybe this isn’t allowed; but you can dowload bitwarden to you laptop as a program instead of an extension

i apologize for not understanding the school topic.
is there an option school requirements will permit a student to provide their own computer?

is it possible to set a desktop text file to store the different passwords u can copy paste out of?
also, any time your not in arms reach of the machine it should be locked. this is for your safety. reentering your password is a torment to unlock your machine every time you comeback, but it is going to save you. guaranteed.

can you make a faraday bag? like a clear plastic bag with a roll over flap that seals out electronic signal, but put shoulder straps on it like a backpack.

electronic safety bags that protect from static electricity are easy to get and repurpose. possession reduces need for defense.

school passwords should always be separate and never shared . always sandbox school programs. preferably to a not otherwise used machine. what ever machine (phone laptop computer) is used for school should be disconnected, turned off and completely segregated like a infectious disease. preferably to a separate location. never used for anything other then school, or permitted to be around your life in any aspect aside from school.

A few questions to get a clearer picture of your situation:

  1. Is this a school laptop that is yours to use all the time? Are you taking this home and in-between classes or is this like in a computer lab where you go to the computer and it may be a different computer every time?
  2. How many accounts do you need for school? Is it as few as two or three accounts, like a Google account, a school account for like checking grades, and maybe something else for like a school software?

I’ll use my situation at work as an example. I have a work laptop that I can take with me wherever I want. Of course the only thing it’s used for is work. I have two main accounts: a Microsoft account because that’s the infrastructure my company uses and an HR system account for handling things like paid time off requests. Everything else I use is either a Microsoft service or uses my Microsoft account credentials with Single Sign-On. That’s the setup that’s been provided to me.

Caveat on how this has been implemented by my employer's IT department

Long story short: I think it’s fine.

First, I don’t have a choice, so I’m not going to sweat something that I can’t control.

Second, my IT department is probably more knowledgeable about being secure than I am because they’re literally IT people and I am not.

Third, they’re having to face the trade-off between security and ease of use for average folks. They can’t ask all of their employees to have as high security awareness as they can, so they give the employees one setup and try to mitigate risks as much as possible on the infrastructure side by controlling permissions and things like that.

Fourth, I as an individual need to diversify my passwords, but a company diversifies their passwords by virtue of all their employees. That’s how they do compartmentalizing. If my credentials get leaked for one of my banks, I know my other bank accounts are safe because they don’t use the same password. Similarly, if my work credentials get leaked, I am just one Microsoft account for IT to shut off while they contain and resolve the problem. It makes sense from the perspective of an organization, in my opinion.

Fifth, what I am doing on my work laptop is limited. I am working. It matters to my employer, but it’s not as important for my digital well-being specifically.

Sixth, there are always holes to poke so I’m writing all this to say that I acknowledge the possible shortcomings of this structure even though there’s nothing I can do about it.

How many passwords do I have to worry about? Two. The Microsoft password gets me into the computer (I know, I know) and most of the services I will use. The HR system password gets me into the HR system. Because it’s just two, I don’t need to use a password manager for that. I just treat them like I do master passwords. I use long but easy to remember passwords that probably can’t get cracked in a reasonable amount of time.

Assuming your situation is anything like mine, there you go, lol. If not, I thinking answering the questions up at the top will help to work something out.

1 Like

we cant download programs

Maybe These 2 browser-based password managers will work for you.

https://www.lesspass.com/

i cant get browser extensions

I would recommend using Bitwarden’s web vault (https://vault.bitwarden.com/). This obviously sacrifices the convenience of the browser extension, but since your school isn’t allowing extensions, I don’t see what can really be done about that. You can bookmark the link and copy and paste passwords from the web vault as you need them.

1 Like

i forgot this was a thing this is the perfect solultion. tysm