Password vs PassPhrase

Password Vs PassPhrase

**Passwords Vs PassPhrases - What Is The Difference & Why? **

There is no question that we need passwords in today’s computing world, they are in everything. In fact there are so many that frequently, people re-use the same passwords. This is an extremely bad idea, but I am not going into that here.

Passwords

A “Password” is usually that - a “word” or a word with numbers after it, such as “password123”. That is what we generally think of as a password. The problem with these sort of passwords is two fold:

  1. Often we are not very inventive with our passwords. We choose something easy to remember. This may be a word common to us, or an easy to remember sequence on a keyboard.

  1. Hackers are extremely clever, often have cleaver hacking software and are determined. Being able to empty someone’s bank account or use their PayPal account to launder stolen money, use your social media account to defraud your friends is worth a few days hard work getting your password!

Really Bad Passwords

We are dreadful at making up good passwords. And no matter how many time we hear it, we still use silly, easy to break passwords, then often re-use them again and again. Here are some examples of some very bad passwords:

  • Password
  • drowssap
  • LetMeIn
  • pass123
  • mypass
  • 000000
  • test1
  • iloveyou
  • football
  • chocolate
  • Name of your dog, cat, daughter, son, partner etc
  • Name of above often followed by date of birth or year of birth etc.

These are common, really bad, keyboard based passwords i.e. easy to remember key sequence

  • qwertyuiop
  • poiuytrewq
  • qawsedrf
  • q1w2e3r4

So, that really cleaver password you use on all your main accounts, the name of your cat follower by the year you were born - it’s really NOT cleaver - sorry.

We are told that there should be long and a mixture of upper and lowercase letters, numbers and special characters such as {£$%^&*!,./}. Also, not a dictionary word that can be brute force guessed by hacking software.

Here is an example of a strong password - kR*z@FZk%N99hM

But, lets face it, you need something that you can remember. That example above may be a good strong password, but how on earth do you remember it? Well, that is where PassPhrases come in :)

PassPhrases

A PassPhrase is a password, but it’s a phrase - a number of words joined together. This makes it easier to remember, it’s not a dictionary word, it’s long and with a bit of ingenuity, you can add upper and lowercase letters numbers and special characters, yet still remember them.

With a small amount of imagination, you can invent your own strong passphrases, such as:

  • GrettaMaloy8MYhamster-the#$£! Translated as Gretta Maloy ate (8) my hamster, the (insert strongly descriptive word here).

You have an unusual phrase, it’s long, uses upper and lower characters and special characters.

Or,

  • IwantMOREChocCake-Yumm! Translated as I want more choc (chocolate) cake - yum!

Let your imagination play with words.

You can invent your own, get ideas from passphrase generators online, or better still use the built-in one on your password manager such as Bitwarden Password Manager.

Here are a couple of online generators I found:

I have nothing to do with these sites, I just found then with a basic search.

Here is an example from the first one of those sites:

around fatal union

Now, if you remember that and remove the spaces, you already have a good password. Add some extra things like a couple of capital letters…

aroundFataLunion

Maybe a number and an extra letter to make logical sense to the human brain…

around2FataLunionS

What about some special characters…

around_2_FataLunionS~

We now have a passphrase that can be remembered and is pretty secure.

I used the generation to come up with words, then I added the extra bits - it helps me remember it as I had input. But, you could use the generator to do it all itself.

Like this:

Around-union-fatal8?

The second site prefers to use just words, and combine into long phrases. You would use these words in order, but without spaces

Here is one of it’s short phrases:

 unhappy poodle devours magical stone

This would give you a passphrase of:

unhappypoodledevoursmagicalstone

The site suggests you visualise the scene it is describing, to help you remember the phrase. This would probably be needed for something like:

sick chief and terrified ram take crude laptop in Ireland

And that isn’t the longest of the phrases it can suggest.

Conclusion

Passphrases are far stronger than passwords, you really should seriously consider using them instead of passwords. There are far too many cyber crimes, and anyone that does anything at all online - web or phone app related, is at risk. Still if you have loads of passphrases to remember, it will be difficult. Thus, I have used a Password Manager for years, it remembers all the extremely strong, impossible to remember passwords like that example above. It is then secured with a really good passphrase that I remember. Any computer encryption I have, is secured with a good passphrase.