• Home
  • Password vs. Passphrase: Which One is Better?

Password vs. Passphrase: Which One is Better?

Password vs Passphrase Which is Better?
24Jul

Password vs. Passphrase: Which One is Better?

Passwords and passphrases are used as authentication measures to access accounts and other systems.

They serve the same purpose — to keep others from accessing your data or private information — but they differ in complexity, length and structure.

It’s quite common for people to use the word “passwords” to describe both passwords and passphrases. Think of a passphrase as a type of password, but password is also the general term used to describe a string of characters needed to access an account.

Confused yet?

Don’t worry. Just know there are notable differences between passwords and passphrases, and we’ll break down what they are and which one is better for keeping your accounts secure.

“Passwords generally are shorter, have fewer words and are less complex than a passphrase. People often opt to use passwords instead of passphrases because they feel that shorter words are easier to remember than longer phrases.”

What Makes a Password Different from a Passphrase?

A password typically contains:

  • 8 to 10 characters
  • A mix of letters, numbers and special characters
  • 1 to 2 related words
  • No spaces
  • Examples include: P@ssw0rd!, Tr0ub4dor3, H0ck3yGuy123

A passphrase typically contains

  • 12 or more characters
  • A mix of letters, numbers and special characters
  • Multiple unrelated words
  • At least one if not multiple spaces
  • Examples include: Duck@Stop3Cart-Pits, Correct Horse Battery Staple, Sunshine @Driveway# Goose13

Yes, many platforms, including Microsoft, will allow you to use spaces in your passphrases. A space is classified as a special character just like a backslash (/), a dollar sign ($) or an ampersand (&).

Passwords generally are shorter, have fewer words and are less complex than a passphrase. People often opt to use passwords instead of passphrases because they feel that shorter words are easier to remember than longer phrases.

However, passwords also are easier to guess and/or crack because they use fewer characters.

This chart from security.org shows how quickly a computer would guess a password based on the number of characters and what kinds of characters. As you can see, length and the use of lowercase letters, uppercase letters, numbers and symbols is the best way to ensure you have a strong password.

How Do I Know If My Password Is Strong Managed IT Services

The longer and more complex a password or passphrase is, the harder it is for a computer to guess it.

Password of Passphrase: Which One is Better?

Passphrases are unequivocally better to use than passwords for several reasons.

  • Passphrases are easier to remember: Long passwords are harder to memorize than passphrases. A password of T00L0#95%04M@n certainly is complex enough for a computer, but it’s not easy for a human to remember. The passphrase of Correct Horse Battery Staple is easy to remember, and it’s complex enough for a computer. You could throw some special characters or numbers in the passphrase to make it even more complex.
  • Passphrases are harder to crack: As noted in the chart above, the longer and more complex the passphrase, the harder it is to crack. Attackers use password-cracking tools that help them gain access to accounts with weak passwords. Short passwords are easy to remember but also easier to crack. One of the best reasons to use multiple words in your passphrases is they protect you against dictionary attacks, which is a method of password guessing that enters every word in the dictionary — or a list of commonly used words — and every variation of that word with number and special character substitutes (Password and P@ssw0rd!).
  • Passphrases satisfy complexity rules: Many platforms force you to use lowercase and uppercase letters, numbers and special characters when creating a password. In the above example, Correct Horse Battery Staple can be changed to Correct*Horse45Battery!Staple to satisfy complexity requirements.

Always opt for longer passphrases over shorter passwords. Very rarely will platforms set a password character limit of less than 16. Most major applications and operating systems (Windows, Linux, Mac, etc.) allow up to 127 characters for passwords/passphrases.

You’ll probably never need to create a 127-character passphrase, but it’s reassuring to know an incredibly complex passphrase can be created.

If the thought of trying to remember several passphrases is overwhelming you (because you should never reuse the same password on multiple accounts), you might want to look into a password manager. Password managers use encryption methods to protect your passwords from attackers, making it more secure than storing them in your web browser or an Excel file on your computer.

You only need to remember one master password to access your list of passwords. Password managers also have password generators that will automatically create complex passwords for you.

West Michigan Managed IT Services

Looking to protect your company from cybersecurity threats? Contact us here to learn how we can help secure your sensitive data.

Did you like this blog? You can subscribe to our newsletter to receive a weekly email with our latest blog posts.

Get Support

Share this post

Related Posts

Romance Scam Catfishing Cybersecurity
14Oct

My Dad Lost Thousands in a Romance Scam: How They Work and How to Protect Yourself

Editor’s note: In recognition of National Cybersecurity Awareness Month this... read more

Early Warning Signs Your Employees Need to Look Out for and Report to IT
09Oct

Early Warning Signs Your Employees Need to Look Out for and Report to IT

Editor’s note: In recognition of National Cybersecurity Awareness Month this... read more

What is Quishing and How Do You Protect Yourself?
08Oct

What is Quishing and How Do You Protect Yourself?

Editor’s note: In recognition of National Cybersecurity Awareness Month this... read more

Tips for Running an Effective Cybersecurity Awareness Campaign
07Oct

Tips for Running an Effective Cybersecurity Awareness Campaign

Editor’s note: In recognition of National Cybersecurity Awareness Month this... read more

6 Conditional Access Policies You Should Turn on Now
02Oct

6 Conditional Access Policies You Should Turn on Now

Editor’s note: In recognition of National Cybersecurity Awareness Month this... read more

What is a Pig Butchering Scam and How Do You Protect Yourself?
01Oct

What is a Pig Butchering Scam and How Do You Protect Yourself?

Editor’s note: In recognition of National Cybersecurity Awareness Month this... read more

Take Advantage of Tax Benefits by Upgrading to Windows 11 Now
30Sep

Take Advantage of Tax Benefits by Upgrading to Windows 11 Now

The Windows 10 end date is nearly here. On Oct. 14,... read more

Why Do We Encourage Our Clients to Use Microsoft Edge Over Google Chrome?
25Sep

Why Do We Encourage Our Clients to Use Microsoft Edge Over Google Chrome?

Since releasing in 2008, Google steadily captured more and more... read more

23Sep

How to Access Clipboard History in Windows

If you use the copy and paste commands frequently, you’ve... read more

Committed vs. Uncommitted Microsoft 365 Licenses
09Sep

Committed vs. Uncommitted Microsoft 365 Licenses

You’ve probably heard of the different Microsoft 365 plans, which... read more