We all know what a password is, right? It’s those wonderfully smart series of letters and numbers that we make up for those sites that request one. The only trouble is, that most of us never remember them or forget to write them down.
We think we’re so witty in swapping out a letter for a number or a symbol and silently give ourselves a little pat on the back for our ingenuity.
Well, guess what? Your clever little creation to protect often sensitive, private information can be cracked by ne’er-do-wells with sophisticated hacking software in a fraction of a second.
And, with the media giving lots of air and press time to stories about hacking, it might be time to rethink the whole password scenario and take a closer look at passphrases.
What is a passphrase?
Few people know about passphrases: they’re sort of like a password that uses a series of words that are separated by spaces (or not…it doesn’t really matter).
Although passphrases often contain more characters than passwords, passphrases contain fewer ‘components’ (four or five words instead of, say, 8 random characters).
Even though they’re still hard to crack, let’s take a look at the ‘crack’ times of passphrase — say something like, ‘toy umbrella fences leaf tiles’, compared to a password like, ‘B@3!&O$$’.
The latter password would take approximately six years to crack …that’s pretty good.
The above passphrase, by comparison, would take approximately 83,070,310,867 centuries.
That’s right…centuries!
There are also websites out there that can generate a passphrase. ‘Use a Passphrase’ is one website where you can randomly generate a passphrase based on different rules.
Why should I use a passphrase?
- Passphrases are much easier to remember than a random selection of symbols and letters combined
- Passwords are relatively easy to guess or crack by both humans and robots. The online criminals have also levelled up and developed state-of-the-art hacking tools designed to crack even the most complicated password
- The use of punctuation, numbers, symbols and upper and lower case in a passphrase meets the complexity requirements for passwords
- All major operating systems including Windows, Linux and Mac allow passphrases of up to 127 characters long. So, you can opt for longer passphrases for maximum security if you wish
- Passphrases are next to impossible to crack because most of the highly efficient password cracking tools break down at around 10 characters. Even the most advanced cracking tools won’t be able to guess, brute-force or pre-compute a passphrase
A passphrase used in place of a password ultimately gives you some peace of mind when conducting business online. Just remember to ensure that the phrase you choose is easy to remember but preferably not a common or popular quote or song that can be easily guessed by someone who knows you.
So, what makes a good passphrase?
Here are a few tips on creating a good passphrase
- A passphrase can also contain symbols and does not have to be a proper sentence or grammatically correct
- Make it long enough to be hard to guess…four words with spaces are good, five or more is better
- Don’t use a famous quotation from a movie, literature, Bible, etc.
- Make it hard to guess by intuition—even by someone who knows you well
- Make it easy to remember and type accurately
- For better security, any easily memorable encoding at the user level can be applied
What else can I do to increase my security?
If you already use a password manager, well done you.
However, you still need to input a master password. This is when a passphrase is especially useful.
By creating a unique passphrase, you’re creating an even stronger master password for your password manager, and you’ll be safe in the knowledge that you’ve substantially beefed up your online security.
The other thing to remember is to not use the same passphrase on multiple sites, applications and other different sources.
Find out more.
If you want to know more about passphrases and utilising this security strategy to keep your business safe, contact the team at Skope IT.
