KT Connections Blog

Why Passphrases Can Be Better Than Passwords

Why Passphrases Can Be Better Than Passwords

If you’re like many people, you likely find the prospect of remembering a password daunting - possibly daunting enough to cheat a bit when it comes to using a different one for each account? Admittedly, maintaining so many passwords can be challenging… so why not use a few tricks to make them easier to remember?

One trick that many have found effective (and actually helps to make your password more secure) is to not use a password at all, and instead to leverage a passphrase.

The Difference Between a Password and Passphrase

Not that you should ever use these examples, but an example of a password could be (but again, shouldn’t be) “password.” Likewise, a sample passphrase could be “This is my passphrase.” Keep in mind, you may not be able to include spaces, depending on where the passphrase is being used.

For a much more secure example, you could have the password “p@u!Ep@rro+,” or the passphrase “My African Grey is named Paulie Peterson Parrot.”

See the difference? A passphrase is a full sentence with some personal significance to the user. This personalization makes it much easier for the user to remember, while the length and specificity makes it much harder to be guessed.

Passphrase Practices

Of course, there are ways to make your passphrase even more secure. For instance, consider the following list of potential passphrases:

  • Then I saw her face now I’m a believer
  • It’s fun to stay at the Y-M-C-A
  • I’m just a poor boy nobody loves me
  • My large music collection makes me very proud

Which do you think is the most secure? One of the ones that are immediately recognizable (and a lot of people know), or the one that is a personal statement?

Naturally, a statement that is more-or-less unique to you is going to be more secure than a well-known phrase will be - much like how “password” is a terrible password to use. Furthermore, “My large music collection makes me very proud” isn’t exactly the most common or simple phrase (especially when compared to “It’s fun to stay at the Y-M-C-A”), which will make it more difficult to guess.

Password/Passphrase Practice Overlap

Many of the practices that we would recommend to someone using a password also apply to someone using a passphrase, too. In addition to using a different passphrase for personal materials at home and professional assets at work, a different passphrase should be used for each account. These passphrases should be changed annually - taken out of rotation for at least five subsequent changes afterwards. 

It can also be helpful to leverage a password management program to keep your passphrases organized, protecting them behind a master passphrase needed to access the program. You should also make sure that your accounts are set to lock for 15 minutes after five failed attempts to log in.

What Are You Planning to Use as a Passphrase? Share It In the Comments!

We’re joking, of course. Instead, if you have any additional questions about securing your accounts with passphrases, please don’t hesitate to lean on us. Give the KT Connections team a call at 605-341-3873 today!

Three Tricks to Spot Phishing Attempts
Your Business Should Rely on a Microsoft Cloud Sol...