
Seven tips for crafting a strong passphrase
A passphrase is a longer sequence of words — often four or more — used to secure accounts. Compared to traditional passwords, passphrases offer better security due to their length and unpredictability. Yet they’re easier to remember.
Passphrases are stronger than passwords because they are longer. When creating a passphrase, it's best to use 16 or more characters.
Passphrases are harder to hack. Because the random words used in a passphrase are unpredictable, guessing one is much more difficult for attackers who rely on trying common words and leaked passwords.
University of Kentucky Information Technology Services (UK ITS) suggests using these seven tips to create a strong passphrase.
Tip 1: Use completely random, unrelated words
Choose four or more completely unrelated words that do not form a theme or pattern. For example, instead of using only fruits (apple-banana-orange), mix it up with unrelated words like lamp-tiger-cloud-pizza. Random combinations like this make it much harder for attackers to guess.
Tip 2: Avoid personal info and common phrases
Never include your linkblue, birthdays, names, quotes or song lyrics. These are often easy for attackers to guess using personal data.
Tip 3: Mix cases, numbers and symbols
Include uppercase and lowercase letters, digits and special characters throughout the passphrase. This boosts complexity significantly.
Tip 4: Aim for a minimum of 16 characters
Make your passphrase at least 16 characters (roughly four four-letter words). This length is key to resisting attacks.
Tip 5: Never reuse passphrases
Each account needs its own unique passphrase. If you reuse one and it’s stolen in a data breach, hackers can use it to get into all your other accounts too.
Tip 6: Let a generator help
Use a passphrase generator to create truly random and secure phrases. Most tools let you adjust the length and structure, and many are built right into password managers.
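What a generator of the kind Tip 6 describes does, shown as an added example (not UK ITS code or any particular product): it draws words with Python's secrets module following Tips 1, 3 and 4, and reports how much entropy the word choices contribute. The word list, the function names and the 7776-word comparison size are assumptions made for illustration.

```python
import math
import secrets
import string

# Constructed sample list so the block runs offline. It is far too small for
# real use; load a large published list (thousands of words) instead.
SAMPLE_WORDS = (
    "lamp tiger cloud pizza anchor violin marble cactus rocket ferry walnut "
    "ginger helmet puzzle saddle tunnel copper blanket lantern orbit pepper "
    "quartz ribbon sponge timber umbrella velvet whistle yogurt zipper bucket meadow"
).split()


def entropy_bits(list_size: int, n_words: int) -> float:
    """Bits of entropy from the word choices alone (uniform, independent picks)."""
    return n_words * math.log2(list_size)


def generate_passphrase(words=SAMPLE_WORDS, n_words=4, min_length=16, sep="-"):
    """Build a passphrase following Tips 1, 3 and 4 using the OS CSPRNG."""
    if n_words < 4:
        raise ValueError("use four or more words (Tip 1)")
    if len(set(words)) != len(words):
        raise ValueError("word list contains duplicates")
    max_len = n_words * max(map(len, words)) + (n_words - 1) * len(sep) + 1
    if max_len < min_length:
        raise ValueError("min_length is unreachable with this list")
    while True:
        # Tip 1: independent uniform picks, so no theme or pattern is possible.
        picked = [secrets.choice(words) for _ in range(n_words)]
        # Tip 3: uppercase one random letter in one random word ...
        i = secrets.randbelow(n_words)
        j = secrets.randbelow(len(picked[i]))
        picked[i] = picked[i][:j] + picked[i][j].upper() + picked[i][j + 1:]
        # ... and prefix one random word with a random digit.
        k = secrets.randbelow(n_words)
        picked[k] = secrets.choice(string.digits) + picked[k]
        phrase = sep.join(picked)  # the separator supplies the symbols
        # Tip 4: redraw if the result is under the minimum length.
        if len(phrase) >= min_length:
            return phrase


if __name__ == "__main__":
    print(generate_passphrase())
    print(f"sample list, 4 words: {entropy_bits(len(SAMPLE_WORDS), 4):.1f} bits")
    # 7776 is an assumed size for a large word list, used only for comparison.
    print(f"7776-word list, 4 words: {entropy_bits(7776, 4):.1f} bits")
```

The entropy figures show that strength comes mainly from the size of the word list and the number of words drawn, which is why the 32-word sample list here is unsuitable for real passphrases.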
Tip 7: Store them in a password manager
Even though passphrases are memorable, it is easy to lose track if you are using many. Store them in a password manager to keep everything safe behind one strong master password.
Example of a Strong Passphrase
For example, chArger-8brocoli-mordor-Penny-bottle is a strong passphrase. It uses 36 characters, random words, mixed case, numbers, symbols and no personal info.
Strong passphrases are long, random, complex and unique, and they are easier to remember than you think! Use a generator, lock them in a manager and say goodbye to weak passwords forever.