Students, faculty, and staff can learn about passphrases and best practices for creating them.  

Password Management Video Guide

Passphrase Overview

Passwords can be difficult to remember, especially when they are composed of a random combination of letters and numbers and/or you have more than one of them. Instead of a password, you may consider using a passphrase. 

A passphrase consists of four or more random words that create a password over 12 characters in length. It can even be a sentence, so long as it is somewhat random. Below are examples of a strong passphrase:

  • Ethel eats fresh fish

This passphrase is 20 characters long and contains uppercase, lowercase and special characters. Using current technology, this passphrase would take 2.4 x 1024 years to crack. If your password is stolen or compromised, you can simply modify a word(s) in the existing passphrase, as shown below, or create a new passphrase.  

  • Ethel hates fresh fish
  • Tom watches fresh fish
  • Alex likes fresh vegetables

The permutations in using a passphrase are virtually endless and easier for most people to remember.

You should still keep in mind the following best practices:

  • Do not reuse passwords for important websites.
  • Do not use children or pet names.
  • Do not use music lyrics or other well-known phrases.
  • Do not reuse passwords that have been compromised.
    • Do not simply add or increase a number at the end of a password.
  • You should use a password manager for your passwords. Products like Lastpass, Dashlane, and 1Password all have free versions.
  • You should use two-factor or multi-factor authentication on any account that offers it. This is the best way to prevent your accounts from being misused, and it is available across an ever-increasing number of services including financial websites, social apps, and even gaming sites like Steam.