Search This Site


Main menu

Picking a Passphrase

What is a "passphrase"?

A passphrase is a type of password that consists of multiple words that may form a sentence or other series of words in a certain context that is easy to remember for the user. 

Are they as secure as traditional passwords?

Yes.  As they tend to be longer than a password, that additional number of characters makes them more secure.  But the important thing is length, not complexity.  A passphrase of 16 or more characters (e.g., So one like this.) takes MUCH longer to crack than an 8 character complex one (e.g., N0t2-be!).

What should I avoid when making a passphrase?

As with any password, you should avoid selecting a passphrase that is easily guessed by another.  For example, if you have a favorite quote that you use on social media or frequently in conversation or just like, that quote would not be a good choice as a passphrase for your accounts.  You should also avoid common phrases like those in nursery rhymes and popular song lyrics.

Do passphrases have any drawbacks?

Because a passphrase's security typically comes from its length, passphrases can be cumbersome for anyone who needs to enter their password frequently throughout the day.  For example, an average typist logging into a device or service twenty times a day using a forty character passphrase will lose between ten to fifteen minutes a day in password entry.  Always consider how using a long passphrase will impact your day before selecting one, and compensate for any reduction in length with an increase in complexity (such as exchanging letter characters with special ones).

REVISION HISTORY: October 29, 2020 

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security office will evaluate the report and provide a full investigation if appropriate.

Complete Report Form