Password or Passphrase? Increase Your Security and Lower Your Frustration

What’s your favourite recipe? We’re not talking about soup or cake, but instead your recipe for a strongpassword. It probably goes something like this… start with a mix of upper and lowercase letters, add a sprinkle of numbers along with a dash of special characters. Make it clever, make it unique, make it longer and DON’T make it similar to any other password you’re currently using. Yes, what we have here is a recipe… a recipe for frustration.

Have you found yourself grumbling at your monitor screen struggling to concoct yet another secure password? Or worse yet, trying to remember or correctly enter the characters of a complex password you created months ago… or even yesterday? In that case, this post is for you! We have entered the era of the passphrase and what a relief for those of us tired of playing the memory game. Let’s delve into why adopting passphrases is emerging as the best choice for password security.

The Evolution of the Password

Remember when you first started using personal passwords? Life was simple then – your pet’s name, your best friend’s nickname, your favorite ice cream flavor. However, before long hackers found ways to guess these based on the growing amounts of personal data online – social media profiles didn’t help.

Next perhaps you switched to a random dictionary word. Here again, this practice was quickly broken by dictionary-based cracking programs.

To increase security maybe you started injecting numbers and special characters to replace certain letters, for example:

• J3rry$einfeld (substitute “3” for “e”; substitute “$” for “S”)
• M@pleL3afs (substitute “@” for “a”)

These common substitutions became predictable and were quickly incorporated into cracking techniques.

What did you do next? Longer passwords with a random mix of upper and lower-case letters, numbers, and symbols. These were very hard to crack, but also cumbersome to type and impossible to remember!

Bring on the Passphrase!

This brings us to the age of the passphrase. What is a passphrase? Instead of a single word or random construct, a passphrase utilizes a number of complete words (unrelated ones are best) to form a “sentence” that is easy to remember and hard to crack. This sequence of words can form a bizarre picture in your mind that you will be able to recall and input quickly. For example:

• IndigoElephantSaxaphoneSweater
• CoconutLizardCowboyCake

Want more security? Try using more words or add spaces (if allowed) to make the passphrase longer.

What about meeting complexity requirements? You can satisfy specific rules by including a special character, starting words with uppercase letters, and adding a number somewhere in your “sentence”.

Benefits of the Passphrase

1. Passphrases are memorable. Even with a symbol and number included you’re much more likely to successfully memorize a passphrase than a series of random characters.
2. Passphrases are stronger. Due to the increased length and complexity of passphrases they are typically more difficult to crack even with the advanced tools used by hackers.
3. Passphrases are longer. Using three, four, five, or more words in your passphrases exponentially increases their strength.  Most applications and operating systems now have higher character limits allowing for use of passphrases. 

Start Generating Your Own Passphrases Now

Do you want to start reducing your password frustrations by switching to passphrases? Here are some guidelines:

• For the greatest strength avoid common sayings, song lyrics, or quotes.
  • “wewillrockyou”, “TheEmpireStrikesBack”, “ThisIsMyPassword” are not good choices.
• Make your passphrase at least 15 characters long. While a 12 character password is often recommended, your passphrases should be longer to gain the extra security benefits. Consider using five words or more in your “sentence”
• Consider including upper and lowercase letters, a number and a symbol.
• Include uncommon, unusual, and unrelated words in your phrases.
• Use association techniques to create your passphrase. For example, look at the objects on your desk and create a passphrase based on what you see. You could also base your phrase on a family photo – “Beach2DaySunburnOuchSizzle!”.
• Do not use the same passphrase for multiple accounts. Remember that one cracked password compromises every login using it. Close iterations are at high risk too.

Passphrases – Your New Recipe for Security

Are you ready to change up your recipe for password security? You can finally leave behind that jumble of forgettable, inscrutable characters and start putting together passphrases that work for you! Your personal data will be better protected, the temptation to use and reuse weak passwords will be reduced, and the rise in blood-pressure associated with creating a new password will be a thing of the past.

Want to make your digital life even easier and safer? Consider using a secure password manager. Imagine a world where you only have to remember one passphrase to safely access all your accounts and logins. Contact us at allCare IT to discuss the benefits of password management for your organization.