Unlock Stronger Security: Why Passphrases Are the Future of Passwords
If you’re still using regular passwords then stop – there might be a better way. Security experts are now urging phone owners to consider using something called “passphrases” instead.
When you create a password, you’re generally advised to stay away from single phrases and choose random characters instead. But cyber-experts say you can use a combination of phrases to make easy-to-remember and extremely secure “passphrase” passwords. It’s important that you follow strict rules when you create them, however.
“You need to use strong passphrases to protect your online accounts from unauthorized access,” Keeper Security’s Tim Tran warned. “Your online accounts grant access to your sensitive information that cybercriminals can sell on the dark web or use to commit identity theft.”
For instance, Keeper Security gives the example of: chArger-8brocoli-mordor-Penny-bottle as a passphrase. However, make sure that you never use this specific passphrase, as it’s now public.
PHRASE THE ROOF
There are some key rules you must not break if you’re using passphrases. For a start, you must never use personal information like names of family members, important dates, or sports teams. Similarly, don’t use popular phrases like song lyrics or nursery rhymes. You should also avoid theming your passphrases.
“A strong passphrase does not include any words that correlate with each other,” Tran warned. “For example, including a theme to your passphrase such as types of fruit is easier for cybercriminals to guess.”
Another golden rule of passphrases – and passwords in general – is to never re-use them. Make sure every passphrase is totally unique, otherwise a single hack attack can lead to several of your accounts being taken over.
Other password rules also apply, like including a mix of cases and numbers – and ensuring it’s at least 16 characters long. And finally, even though passphrases are easier to remember, it’s still worth storing them in a password manager.
LOCK AND KEY
Ultimately, security experts say that both passwords and passphrases are flawed. That’s why many apps and services are now moving to an entirely new type of log-in method called passkeys. If you have an iPhone or Android phone that has been updated to the latest software, you may find that some apps or websites offer you the option to sign up or log in using passkeys.
These are alternatives to passwords that can’t be leaked or accidentally given away – and can’t be made simple or re-used. They typically make use of a biometric authentication system on your phone, like Apple’s Face ID or a fingerprint scanner. So if you see the option to create a passkey pop up, consider trying it out – security experts say it’s far safer.