≡ Menu

Password Vs Passphrase: Here’s 5 Reasons to Use Passphrase

The debate between passwords versus passphrase is currently the trending buzz online nowadays. Just after all the password hacking and identity theft incidents have caught media attention, a lot of online users have now become aware of the ominous danger that is lurking in the scam-infested world of the internet.

Hence, the recommendation to use passphrases instead of passwords by IT experts just came at the right time to soothe everyone from the hangover of the password disaster phenomenon.

However, not everyone is techno savvy and there are some who are still confused as to the difference between a password and a passphrase, and why the latter is more reliable.

The difference between password and passphrase

Just to put everyone on the same page, a password as you know it is typically composed of not more than 10 letters or symbols, or a combination of both. It could be a string of random symbols such as “B@3!&O$$” or just a lousy word like “yourname”, or a combination of both such as “sh@tup!”.

On the other hand, a passphrase is longer than a password and contains spaces in between words such as this: “The road to success is always under construction!”.

A passphrase can also contain symbols, and does not have to be a proper sentence or grammatically correct. The main difference of the two is that passwords do not have spaces while passphrases have spaces and are longer than any random string of letters.

So why is passphrase better than passwords?

  1. Passphrases are easier to remember than a random of symbols and letters combined together. It would be easier to remember a phrase from your favorite song or your favorite quotation than to remember a short but complicated password.
  2. Passwords are relatively easy to guess or crack by both human and robots. The online criminals have also leveled up and developed state of the art hacking tools that are designed to crack even the most complicated password.
  3. Satisfies complex rules easily. The use of punctuation, upper and lower cases in Passphrases also meets the complexity requirements for passwords.
  4. Major OS and applications supports passphrase. All major OS including Windows, Linux and Mac allow pass-phrases of up to 127 characters long. Hence, you can opt for longer passphrases for maximum security.
  5. Passphrases are next to impossible to crack because most of the highly-efficient password cracking tools breaks down at around 10 characters. Hence, even the most advanced cracking tool won’t be able to guess, brute-force or pre-compute these passphrases.

Using a passphrase instead of a password will ultimately give you some peace of mind when going about your business online. Just ensure that the phrase you will be choosing is also easy to remember but preferably not a common or popular quote or song that can be easily guessed by someone who knows you.

It should also be at least more than 14 characters long as well to ensure its maximum security. With this new strategy of using pass-phrases in all your important accounts and websites, you can now enjoy a fully-secured online experience.

{ 4 comments… add one }

  • william C August 4, 2013, 7:21 am

    Nothiing is 100% secure when it is on line. The hackers that developed systems for cracking 10 symbol passwords will eventually figure out how to crack passcodes. But it is worth a try for now.

  • walter f bauer August 13, 2013, 1:38 pm

    what do we do change all our password? this is a difficult and tedious job.

  • Jack November 7, 2013, 11:20 am

    “The online criminals have also leveled up and developed state of the art hacking tools that are designed to crack even the most complicated password.” Which for some reason wouldn’t work against a passphrase? Because of what?

    Please explain how this: )@#($lkfl2lx0294_!@)ro9lku$Jamb0kai#3
    Is less secure than this: crypt the fox mud dossier bowling!

  • Robert Sansom March 11, 2015, 12:24 pm

    Passphrases are great passwords – no argument there, however depending on what the password is intended to protect a phrase of random words is not enough. If you are a merchant that accepts, transmits or stores any cardholder data (visa, Mastercard, etc) – there are specific requirements that passwords must meet including:

    – The merchant must disable accounts that are inactive for 90 days.
    – The merchant must lockout an account for 30 minutes after 6 failed attempts to login (admin can let the user in immediately after verifying identity).
    – The merchant must require the user to re-authenticate after a session is idle for 15 minutes.
    – Passwords must be a minimum of 7 characters long and contain both numeric and alphabetic characters.
    – User passwords must be changed every 90 days.
    – Merchants can’t allow a user to choose a password that is the same as any of their last four passwords (i.e., the last year).
    – First time use passwords have to require the user to enter a new password after authenticating for the first time.

    So while these rules may seem oppressive, they are in fact not that bad. You can still use a passphrase like “horse table wine oreos”, you just need to add a number in it somewhere like “4 horse table wine oreos”

Leave a Comment