Back to the Blog

Passphrase vs. Password

Ronald Bushnell

worker in startup office

Passphrase vs. Password

Passwords are something you use every day, whether you are checking your email, logging into your online bank account, placing an order for a product or simply accessing your mobile device or computer. Passwords are also your weaknesses. Your emails can be read, personal files accessed, identity stolen, money transferred, and contacts exposed. A strong password is absolutely essential for protecting yourself and possibly your employer if you use company-owned devices. Maintaining and managing passwords can be a burden and it can be frustrating to try and remember a complex password. That is where passphrases come in.

Most people are aware that a password should contain a capital letter, a number, and a symbol. A passphrase is a much stronger password, while still easy to create and remember. What is the difference between a password and passphrase?

Password:  Beach2020!

Passphrase: Iwant2go2theBeach! Or try using spaces… I want 2 go 2 the Beach!

In this passphrase example, you could also use symbols or numbers to replace letters. Such as ‘@’ for the ‘a’ and a zero for the ‘o’ – I w@nt 2 g0 2 the Be@ch!

Why Use a Passphrase?

Hacker algorithms quickly run through variations of “Beach2020,” but will have more difficulty cracking longer phrases. Passphrases are much harder to break into and can be much easier to remember, especially if it relates to something you like; something that naturally reflects your personality.

Be careful of websites that require you to answer personal questions as it’s unclear if and how that company is securing that data. When answering questions that will be used if you forget your password/passphrase, be sure to choose questions and answers that can’t easily be figured out through social media platforms. For example, “What is your dog’s name?” or “What city were you born in?” Your Facebook page may clearly state that your dog’s name is Mr. Hotdog and that you were born in Nashville.

Most people know to avoid public computers, such as those located in a hotel, as they could easily be infected with malware that will capture not only your password and passphrase entries but all keystrokes and browsing history. Avoid public computers at all costs unless you are just using it for Internet research. Never enter any personal information.

It is ideal to use a different passphrase for each account and device. Find a password management solution that works for you and use it. It’s too difficult to remember many passphrases, especially if you are updating them every 30 – 60 days, and you wouldn’t want to forget and have to reset your accounts constantly.

If you have any questions about passphrases and best practices when it comes to securing your accounts, please let us know. We love talking about different ways to protect your data.