Guidance for Choosing a Secure Passphrase
What is a passphrase?
A passphrase is a type of password that consists of multiple words that may form a sentence or other series of words in a certain context that is easy for you to remember.
Are passphrases as secure as passwords?
Yes. As they tend to be longer than a password, that additional number of characters makes them more secure. The important thing is length, not complexity. A passphrase of 16 or more characters (e.g., So one like this.) takes MUCH longer to crack than an 8 character complex one (e.g., N0t2-be!).
What to avoid when choosing a passphrase?
As with any password, you should avoid selecting a passphrase that is easily guessed by another person. For example, if you have a favorite quote that you use on social media or frequently in conversation, that quote would not be a good choice as a passphrase for your accounts.
What makes a good passphrase?
Long enough to be hard to guess, 16 characters is a good starting point
Easy to remember and type accurately
For better security, any easily memorable encoding at the user's own level can be applied e.g. add separator between words, capitalize each word, replace a vowel with a number, et cetera.
Need help coming up with a passphrase?
If you’re having trouble thinking of a passphrase, give this website a try. Feel free to use it as a starting place then make changes that make the passphrase easier for you to remember or type.