When you identify yourself to get access to an online account or file, you usually use a password of some kind. You could also opt to use a passphrase.<\/p>\n\n\n\n
Unlike a traditional password, which typically consists of a shorter combination of characters (such as letters, numbers, and symbols), a passphrase can be more complex and longer, and may include spaces between words. Passphrases are often used to provide enhanced security for sensitive accounts or data, as they are more resistant to hacking and can be easier to remember for the user.<\/p>\n\n\n\n
The word passphrase is a portmanteau of the words \u201cphrase\u201d and \u201cpassword.\u201d It\u2019s used just like a password to gain secure access to a device, computer, account, or network. The difference is in the way it\u2019s structured.<\/p>\n\n\n\n
A passphrase is a sentencelike string of words used for authentication that is longer than a traditional password, easy to remember and difficult to crack. Typical passwords range, on average, from eight to 16 characters, while passphrases can reach up to 100 characters or more.<\/p>\n\n\n\n
Using a long passphrase instead of a short password to create a digital signature is one of many ways that users can strengthen the security of their data, devices and accounts. The longer a passphrase is, the more likely a user is to incorporate bits of entropy, or factors that make it less predictable to a potential attacker. As more websites, applications and services increase their user security requirements, a passphrase is a fast and easy way to meet these criteria.<\/p>\n\n\n\n
While you can use a passphrase as a substitute for a password anywhere that accepts longer strings of characters — such as Windows and macOS operating systems (OSes) — the most common use of a passphrase is as an encryption key. Because a passphrase is typically longer than a password, it provides better protection against potential attempts to guess or crack it. <\/p>\n\n\n\n
The use of passphrases to secure password manager applications or services is also common. This provides added security for common passwords — or those passwords that are difficult to remember.<\/p>\n\n\n\n
As mentioned, a long passphrase is already stronger than a shorter, more complex password. A strong passphrase contains a combination of different types of characters, such as uppercase and lowercase letters, numbers, and symbols.<\/p>\n\n\n\n
Still, you can make your passphrase even stronger by following some of the same rules from when you learned\u00a0<\/a>how to create a strong password.<\/p>\n\n\n\n Length is the most critical characteristic of a strong passphrase. Your passphrase must be at least 15 characters, though the longer, the better. Experts say that a 15-character passphrase is harder to crack with a brute force attack than a 12-character sophisticated password. You can also use spaces to lengthen your passphrase.<\/p>\n\n\n\n A critical advantage of setting a passphrase is that it\u2019s easier to remember because its strength is length rather than complexity. In other words, a short sentence with random words is easier to memorize than a shorter password with random numbers and symbols.<\/p>\n\n\n\n The best way to\u00a0create a passphrase\u00a0is to combine a group of words into a phrase that makes sense to the user and is easily remembered but makes no sense to anyone else. Thus, it should not use common phrases or famous quotes, as these can be guessed or cracked far more easily. Instead, passphrases should include words and punctuation that only the user would understand.<\/p>\n\n\n\n Best practices that users can incorporate when creating strong passphrases include the following:<\/p>\n\n\n\n Some ways of developing a passphrase include a personal story or memory specific to the user. Keywords can be used to tell this story — but, to all others, the words seem completely random. Other methods include the use of mnemonics or random, dice-generated passwords, along with a random document or word list to select words from.<\/p>\n\n\n\n Passphrases can certainly be considered better in a lot of ways than passwords. However, they have some of the same shortcomings. Here are the advantages and disadvantages of passphrases.<\/p>\n\n\n\n Let\u2019s look at the two main advantages of passphrases:<\/p>\n\n\n\n Password complexity\u00a0really comes down to two points:<\/p>\n\n\n\n Of these, the first point is more important. That\u2019s why just \u201cMonkeyPlainsMilkEurope\u201d is already a very strong password. Changing it to \u201cMonkey.Pl4ins.Milk.Eur0pe!\u201d brings the complexity level even higher.<\/p>\n\n\n\n Comparing both to a very complex password like \u201cac=oei$EdrN5`2k\u201d above shows how much more complex a passphrase can be.\u00a0<\/p>\n\n\n\n No human can remember passwords that look like the example above, \u201cac=oei$EdrN5`2k\u201d. It\u2019s just too hard. However, you can probably already say the passphrase we\u2019ve been using without reading it, \u201cmonkey plains milk Europe\u201d.<\/p>\n\n\n\n It\u2019s hard to come up with specific disadvantages of passphrases. However, it is important to remember that they still have three of the same big vulnerabilities as passwords:<\/p>\n\n\n\n If you store passphrases in unsafe locations, for example, a sticky note on your monitor or a Google Sheets document, then it is still at risk of being stolen. If someone can find your passphrase, then it doesn\u2019t matter if it\u2019s long and complex.<\/p>\n\n\n\n Remember that dictionary attacks exist. If you pick words that are commonly used in passwords to make your passphrase, then you are at risk of a dictionary attack. For example, \u201cPasswordPasswordPassword\u201d is still going to be cracked in seconds. If your words are short, for example, \u201cDogIceUp\u201d, then you still have an easy-to-crack password.<\/p>\n\n\n\n You are probably getting tired of \u201cmonkey plains milk Europe\u201d at this point because it is stuck in your head. However, if you need 200 accounts, then it might not be the easiest task to remember 800 words. <\/p>\n\n\n\n If you cheat and use the same passphrase across your accounts, this means hackers can get access to all of your information after just one attack.<\/p>\n\n\n\n Yes, passphrases are great. If you are looking for a super strong password for your email account or password manager, then a passphrase is a great option. Use a super complex passphrase to keep these key accounts safe. <\/p>\n\n\n\n However, it\u2019s not recommended to use passphrases for every single account you need to access. Trying to remember hundreds of passphrases is impossible. It\u2019s best to use a handful of passphrases to protect key accounts and then let a password manager remember the rest of them for you.<\/p>\n\n\n\n Building a passphrase\u00a0is easy; it can even be fun. Here are some steps to follow to create and remember a strong passphrase:<\/p>\n\n\n\n While passwords and passphrases are designed to accomplish the same goal, there are distinct differences between the two, including the following:<\/p>\n\n\n\nLength\u00a0<\/strong><\/h3>\n\n\n\n
Memorability\u00a0<\/strong><\/h3>\n\n\n\n
How to use a passphrase<\/strong><\/h2>\n\n\n\n
\n
The pros and cons of passphrases<\/strong><\/span><\/h2>\n\n\n\n
The advantages of passphrases<\/strong><\/h3>\n\n\n\n
Passphrases are long and complex<\/strong><\/h4>\n\n\n\n
\n
Passphrases are easy to remember<\/strong><\/h4>\n\n\n\n
The disadvantages of passphrases<\/strong><\/h3>\n\n\n\n
Passphrases are still vulnerable to the same storage mistakes<\/strong><\/h3>\n\n\n\n
A passphrase is not necessarily more secure<\/strong><\/h3>\n\n\n\n
A passphrase is easy to remember, but hundreds are not<\/strong><\/h3>\n\n\n\n
Should I use a passphrase?<\/strong><\/span><\/h2>\n\n\n\n
How to create and remember a strong passphrase<\/span><\/h2>\n\n\n\n
\n
Why passphrases are superior to passwords<\/strong><\/h2>\n\n\n\n
\n
Recommended Articles <\/strong><\/span><\/h2>\n\n\n\n
\n
References<\/strong><\/span><\/h2>\n\n\n\n
\n