Keeper. The Pros and Cons of Using Passphrases

Some of the benefits of using passphrases are that they’re easy to remember, difficult for cybercriminals to crack and they’re considered to be more secure than traditional passwords because of poor password habits. Some of the disadvantages of using passphrases are that some websites and apps may have low character limits, it’s impossible to remember passphrases for every single one of your accounts and they’re still vulnerable to being exposed in public data breaches.

Continue reading to learn more about passphrases and when you should use them to secure your online accounts and apps.

What Is a Passphrase?

A passphrase is a type of password that is created using a random combination of uncommonly used words. Since passphrases are created using words, they are generally longer, easier to remember and are considered to be more secure than using traditional passwords. Traditional passwords are often weak and are reused across multiple accounts because it’s difficult for individuals to remember multiple strong passwords.

While passphrases are considered to be more secure, there are still rules users should take into account when creating strong passphrases. A strong passphrase should have the following characteristics.

    • Contains at least four words that are four or more letters each
    • Is made up of at least 16 characters
    • Contains uppercase and lowercase letters, numbers and symbols
    • Doesn’t contain personal information
    • Doesn’t contain words that relate to one another
    • Isn’t being reused across multiple accounts

The Benefits of Using a Passphrase

Here are three benefits to using passphrases over traditional passwords.

Easy to remember

Because passphrases are made up of different words, they’re typically easier for users to remember, especially when you compare them to traditional passwords. For a traditional password to be strong, it has to be made of a variety of characters and be at least 16 characters long. A long, complex password isn’t as easy to remember as a long passphrase that contains a mix of characters.

Difficult for cybercriminals to crack or guess

The longer a passphrase is, the longer it takes for cybercriminals to guess or crack it. This is due to its password entropy. Password entropy is a mathematical equation that is used to determine whether it would be easy or hard for a cybercriminal to crack a password. Password entropy takes into account the variation of character length used in the password. Because passphrases are longer due to multiple words, their password entropy is greater, meaning they’re more difficult for cybercriminals to crack.

More secure than traditional passwords 

As mentioned above, when creating traditional passwords, many people resort to using weak passwords because they want to be able to remember them for multiple accounts. This often leads to password reuse, which places multiple accounts at risk of being compromised if a cybercriminal cracks just a single password that’s being reused. Using passphrases as passwords removes this risk since they’re both strong and easy for users to remember.

The Disadvantages of Using a Passphrase

Here are three primary disadvantages to using passphrases.

Some websites and applications have low character limits

The longer a passphrase is, the more secure it’s considered to be. However, using passphrases may not be possible on some websites and applications that have low character limits. This means users should instead use traditional strong passwords on these websites and apps to ensure that the password they’re creating cannot be easily guessed or cracked by cybercriminals. We suggest using a password generator to help you create these strong passwords.

You can’t remember passphrases for every single account

While passphrases are easier to remember than long, complex passwords, you won’t be able to remember them for every single account. The average person has 100 accounts, ranging from bank accounts to social media accounts, so even if you choose to use passphrases to protect every single one of them, it’ll be impossible to remember 100 passphrases on your own.

Still vulnerable to data breaches

While passwords – like passphrases – are meant to secure your online accounts from unauthorized access, they’re still vulnerable to data breaches. This is especially true for users who fail to also enable Multi-Factor Authentication (MFA) on their accounts. MFA adds an extra layer of security to your online accounts by requiring that a user verify who they are before being able to access their account. The more MFA methods enabled on an account, the more secure that account will be.

When public data breaches occur, whether or not a user’s password is strong doesn’t matter – all that matters is how that organization protects user information, which includes their credentials. If a user’s credentials aren’t secured, then their password is vulnerable to being exposed in a data breach.

When To Use a Passphrase

Passphrases are great to use in any instance where you only need to create passwords for a small number of accounts. The more accounts you use a passphrase on, the more passphrases you’ll have to rely on yourself to remember. Many people choose to use passphrases when creating a master password for an account, such as a password manager.

Password managers are tools that aid users in creating, managing and securely storing their sensitive data, such as the logins to their online accounts, credit card details and sensitive files. Password managers remove the need for users to remember multiple passwords and instead, users only have to create and remember one master password. This password should be both strong and easy for the user to remember, so it’s the perfect instance to use a strong passphrase.

Passphrases Are Easy To Remember and Secure

Passphrases are a great way to create passwords that are both strong and easy to remember. However, even though you’ll be able to remember one or two passphrases easily, it’ll be impossible to remember a passphrase for every single one of your accounts. A password manager like Keeper® can help. Keeper helps users create, store and manage the logins for every one of their accounts. Keeper also stores Two-Factor Authentication (2FA) codes, to make securing accounts with MFA a lot easier.

Ready to see how Keeper Password Manager can help you secure your online accounts? Start a free 30-day trial today.

Source: Keeper