You hear it constantly. “Use strong passwords.” “Don’t reuse passwords.” “Don’t use common words, be sure to mix characters, etc.” To the average technology user, it’s more than enough to be so overwhelming that the rules can encourage bad security habits.
Traditional passwords, even strong ones, are easier to crack by way of brute force (computer-assisted repeat attempts to try different character combinations) than you might think. Combine this with the need for users to remember complex, unique passwords and often relying upon unsecure practices like writing account information down, and it’s no wonder so many accounts are compromised.
Enter the Passphrase
Rather than using gibberish or some arcane, and easily confused, character swapping setup, you can form a surprisingly secure and easily remembered passphrase by stringing together 3-4-word short sentences.
Example: Orange bananas are weird!
Think about how simple that phrase will be to remember. You can even have some fun with your passphrases, coming up with goofy and entertaining snippets that will give you a little chuckle every time you type them in.
By using spaces (Note: some services will not allow spaces in password fields) to separate the words, you create an incredibly resilient ‘password’ to secure your accounts. Some studies even suggest that it will take millennia (yes, millennia) for a brute force attack to eventually guess the passphrase and crack the account. Remember, a space is considered a special character. When you add in capitalization and normal sentence punctuation, plus passphrases that are 20+ characters long, you’ll meet the complexity requirements of most, if not all, services you need to create passwords for.
Lastly, many of your accounts will likely require you to change passwords every few months, at a minimum. Who hasn’t run into a situation where you struggle to come up with a new, unique password on the fly? Passphrases are easier by far to alter, substituting in new words, while not causing overt confusion when you next go to log in.
There are alternatives to creating passphrases to secure your accounts better than traditional passwords. Password managers come to mind. If you don’t trust, or understand, how to use a password manager, or just prefer the control that comes with making your own passwords, consider changing to the passphrase approach.
Contact us to discuss ways we can help you secure you, your business, and your family today.