Quotes Icon

Andrew M.

Andrew M.

운영 부사장

"저희 비영리 단체는 TeamPassword를 사용하고 있으며, 우리의 요구에 잘 맞고 있습니다."

가입하기!

Table Of Contents

    The word "passphrase" spelled out on dice on a piece of paper that has many words written down in different colors and that looks like code.

    What is a passphrase and should you use one?

    December 11, 20248 min read

    Password Management

    Passphrases are the newest way to create passwords. They are often considered more secure and easier to remember than traditional passwords, but what exactly is a passphrase? Simply put, passphrases are passwords created by putting multiple common words together instead of a randomly generated set of letters, numbers, and characters.

    Here’s everything you need to know about passphrases to decide if you should use them.

    • Passphrases are often better than passwords because they are longer.
    • Using unrelated words and adding characters and numbers makes passphrases more secure.
    • You should never use the same passphrase for multiple accounts.
    • A password manager can help you store and share your unique passphrases.

    TeamPassword is the best way to store passphrases online. Don’t believe us? Sign up for a 14-day free trial today and try for yourself.

    Table of Contents

      What is a passphrase?

      It seems like everyday we hear about a new “future of passwords” concept, from single sign on (SSO) to biometrics or Passkeys. Unlike all of these other solutions, passphrases are really a low-tech way to make passwords more secure and easier to remember. 

      Simply put, passphrases are a set of three or more words put together to create a very long and therefore secure password. Here’s an example:

      Passphrase example: MonkeyPlainsMilkEurope

      At 22 characters long, it’s already pretty secure. However, you could make it more secure by substituting numbers and characters.

      Passphrase example: Monkey.Pl4ins.Milk.Eur0pe!

      What’s really valuable is how much easier it is to remember. In fact, you’ll probably remember “monkey plains milk Europe” a week from now.

      password_entropy.webp

      Passphrase vs. password

      Passphrases are a set of words put together and used as a password. Conversely, when looking at a password, it’s a random jumble of letters, numbers, and characters. 

      Here’s an example from our free password generator: ac=oei$EdrN5`2k

      There’s no question that is a hard password to guess, but is it really that secure? At 15 characters long and no discernable pattern for a dictionary attack, it would force computers to run a brute force attack

      However, even the simplest passphrase could be more secure. Our example above, Monkey.Pl4ins.Milk.Eur0pe!, is also changed enough to make a dictionary attack impossible, is far longer (24 characters), and is easy to remember. 

      In fact, you might never forget “monkey plains milk Europe” again! 

      The problems with passwords

      XKCD summarized the problem with traditional passwords in one of their comics. Essentially, passwords are usually not long enough to trick computers running brute force attacks, but they are still too long and complicated for humans to remember.

      That’s completely backwards.

      Ideally, we want easy for humans, hard for computers passwords and not the other way around. That’s where passphrases come in. “Monkey.Pl4ins.Milk.Eur0pe!” is very, very hard for a computer to crack, while you’ve probably memorized for life “monkey plains milk Europe” at this point.

      How secure are passphrases?

      Passwords are only as secure as the way they are stored. That’s the same for passphrases. If you have a super complicated password on a sticky note in the corner of your monitor, then you do not have a secure password. Since passphrases are easier to remember, they are often stored in the brain, making them more secure than equally long random passwords.

      That being said, most people require hundreds of passwords, and even though passphrases are easier to remember, that doesn’t make 200 of them easy to remember. 

      The pros and cons of passphrases

      Passphrases can certainly be considered better in a lot of ways than passwords. However, they have some of the same shortcomings. Here are the advantages and disadvantages of passphrases.

      The advantages of passphrases

      Let’s look at the two main advantages of passphrases:

      1. Passphrases are easy to remember.

      2. Passphrases are long and complex.

      undefined

      Passphrases are easy to remember

      No human can (or is willing to) remember multiple passwords that look like the example above, “ac=oei$EdrN5`2k”. It’s just too hard. However, you can probably already say the passphrase we’ve been using without reading it, “monkey plains milk Europe”.

      Passphrases are long and complex

      Password complexity really comes down to two points:

      1. Longer is stronger (each additional character adds exponentially more entropy).

      2. Using more types of characters (upper- and lowercase letters, numbers, and character) is more complex.

      Of these, the first point is more important. That’s why just “MonkeyPlainsMilkEurope” is already a very strong password. Changing it to “Monkey.Pl4ins.Milk.Eur0pe!” brings the complexity level even higher.

      Comparing both to a very complex password like “ac=oei$EdrN5`2k” above shows how much more complex a passphrase can be. 

      The disadvantages of passphrases

      It’s hard to come up with specific disadvantages of passphrases. However, it is important to remember that they still have three of the same big vulnerabilities as passwords:

      1. A passphrase is not necessarily more secure.

      2. Passphrases are still vulnerable to the same storage mistakes.

      3. A passphrase is easy to remember, but hundreds are not.

      A passphrase is not necessarily more secure

      Remember that dictionary attacks exist. If you pick words that are commonly used in passwords to make your passphrase, then you are at risk of dictionary attack. For example, “PasswordPasswordPassword” is still going to be cracked in seconds. If your words are short, for example “DogIceUp”, then you still have an easy-to-crack password.

      Passphrases are still vulnerable to the same storage mistakes

      If you store passphrases in unsafe locations, for example a sticky note on your monitor or a Google Sheets document, then it is still at risk of being stolen. If someone can find your passphrase, then it doesn’t matter if it’s long and complex.

      undefined

      A passphrase is easy to remember, but hundreds are not

      You are probably getting tired of “monkey plains milk Europe” at this point because it is stuck in your head. However, if you need 200 accounts, then it might not be the easiest task to remember 800 words. 

      If you cheat and use the same passphrase across your accounts, then getting pwned once means hackers have all of your information. 

      This leads to the next question.

      Should I use a passphrase?

      Yes, passphrases are great. If you are looking for a super strong password for your email account or password manager, then a passphrase is a great option. Use a super complex passphrase to keep these key accounts safe. 

      However, it’s not recommended to use passphrases for every single account you need to access. Trying to remember hundreds of passphrases is impossible. It’s best to use a handful of passphrases to protect key accounts and then let a password manager remember the rest of them for you.

      6 steps to creating and remembering a strong passphrase

      Building a passphrase is easy. Actually, it can even be fun!

      Here are 6 steps to follow to create and remember a strong passphrase:

      1. Avoid common phrases: Using four random words can create a strong passphrase. Using a common phrase like “TomBradyIsTheGOAT” will leave you vulnerable to dictionary attacks.

      2. Jokes are easier to remember: If you think something is funny, then you’ll remember it. However, it won’t necessarily be an easy to predict phrase for a computer or someone making a social engineering attempt. For example, “NoisyGiraffeInfestation” is funny but not exactly what you’d think would go together. 

      3. Add an unusual word or two: This is the point where you pull out your thesaurus and pick one of the alternative words. For example, I’ve always liked “parsimonious” instead of “cheap” to describe someone unwilling to spend money. 

      4. Avoid common password words: We all know “password” should be avoided, but did you know ice, rice, tea, and pie are the most common food items in passwords? It’s best to avoid anything in the top 100 most common passwords at a minimum.

      5. Substitute in numbers and symbols: Just like normal passwords, passphrases should also have upper- and lowercase letters, numbers, and symbols. Where possible, consider unusual substitutions to prevent advanced dictionary attacks. While “4” is often used for “A”, consider “7” for an upside-down “L”.

      6. Practice typing your passphrase: Type out your passphrase 20 or 30 times to make sure you don’t forget. Even if you’ve memorized “monkey plains milk Europe” for life, “Monkey.Pl4ins.Milk.Eur0pe!” isn’t quite as easy. Since passphrases should be used to protect your most important accounts, you don’t want to forget yours!

      TeamPassword is the best way to store and share passphrases and passwords

      Passphrases are a great new way to create complex passwords that are still easy to remember. If you’ve read this far, you’ll never forget “monkey plains milk Europe” and that’s the whole point. They are long and easy to remember.

      However, it is still not easy to remember hundreds of passphrases, so use them for your core accounts and then let a password manager create, store, and update your other passwords for you. 

      For example, we strongly recommend creating a passphrase to use as your master password for your TeamPassword account. This password unlocks your entire vault, and is not stored by us, so we cannot reset it if you lose it!

      Your master password must be strong and memorable. 


      Sign up for a 14-day free trial today to see why TeamPassword is the easiest way to store passwords online and share them with your team.

      패스워드 보안을 향상시킵니다

      패스워드를 올바르게 생성하고 관리하기에 가장 적합한 소프트웨어

      TeamPassword Screenshot
      facebook social icon
      twitter social icon
      linkedin social icon
      관련 게시물
      A team of diverse workers standing in a circle with their arms outstretched and hands touching, there is a desk with computers in the background.

      Password Management

      December 13, 202410 min read

      Best Password Managers for Teams (2025)

      The best password managers for teams go beyond suggesting a strong password and saving them securely for you. ...

      username ideas

      Password Management

      December 13, 202413 min read

      How to Make a Good Username | Create a Unique and Secure Username

      See the best way to come up with a new username. We break down types of usernames, why ...

      Freelancer in coffee shop working on laptop

      Business

      December 3, 202411 min read

      Best Freelance Writer and Editor Password Manager: What Freelancers Need and Why

      The best password manager for freelance writers and editors can save you money and time so you can ...

      업데이트를 놓치지 마세요!

      이와 같은 게시물을 더 읽고 싶다면, 블로그를 구독하세요.

      Promotional image