The passphrase – the better password?

The passphrase – the better password?

The need for a password is well known to many – but isn’t a passphrase better than indiscriminately using cryptic and above all random characters and letters? Meanwhile many people use whole and several words as passwords. Then we are talking about a passphrase.

The advantages are obvious: they are easier to remember and more secure. But there are exceptions. Not all problems are solved by using a passphrase.

What does a passphrase look like?

A passphrase is always a password. A password but not always a passphrase. A cryptic password is difficult to create. Tools such as kryptonizers can help, but if the tool is at home, but the password is needed on the road, few people will remember it.

The following tips and suggestions can help to create a safe phrase:

  1. Take your favourite dish, a holiday destination you have been to or your hobby e.g. Air Skydiving
  2. Look at the daily press – current news, events and happenings can also be inspiration e.g. pandemic
  3. Open your digital dictionary and choose a word at random e.g. Reticulum

Now you have three words from which you can form a passphrase:

“Air Skydiving Pandemic Reticulum”

Spaces are also characters in passwords. But you can also replace these characters. In this way you can meet the high requirements of a password. The following passphrase would also be possible:


However, up to this point you do not meet all the requirements of typical password rules. You still have to add numbers. With


you would now have a very secure password. If you imagine it figuratively, it is easier to remember.

How secure is a passphrase?

The time it takes to guess a passphrase depends on its complexity. The selected words should always come from different contents. IT security experts advise against using lyrics. Also other popular scriptures, such as the Bible or the Koran, should not be used as a source of ideas. Then a passphrase is also safe.

Passphrase als Passwort - jetzt sicher

A passphrase as password quickly achieves a higher level of security than short but complex passwords. Screenshot: wiesicheristmeinpasswort.de

It will take you centuries to guess this passphrase. That is exactly what you want to achieve! However, it should only be used for a single website. The multiple use of passwords is a big problem. In our 10-Day IT-Security Challenge we present the problem and give recommendations for password managers and also help to check if your passwords have been stolen in the past.

You are currently viewing a placeholder content from Default. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.

More Information

Photo of author

Chris Wojzechowski

Mein Name ist Chris Wojzechowski und ich habe vor wenigen Jahren meinen Master in Internet-Sicherheit in Gelsenkirchen studiert. Ich bin geschäftsführender Gesellschafter der AWARE7 GmbH und ausgebildeter IT-Risk Manager, IT-Grundschutz Praktiker (TÜV) und besitze die Prüfverfahrenskompetenz für § 8a BSIG. Unser Brot und Buttergeschäft ist die Durchführung von Penetrationstests. Wir setzen uns darüber hinaus für ein breites Verständnis für IT-Sicherheit in Europa ein und bieten aus diesem Grund den Großteil unserer Produkte kostenfrei an.