As we have seen in the previous post, using three authentication factors is quite safe. Unfortunately online services can't afford these technologies. Passphrases are a solution that preserves security without the need of huge investments.

To put it simply, passphrases are very long passwords. But they are safer and easier to remember. As depicted in the above comic strip, there's no need of special characters or substitutions because what really matters is the total length of the sentence.

The number of words used (although common), ensures a level of entropy that prevents brute force attacks. Using uncommon words defends also from dictionary based guesses.

It's important that the sequence of words doesn't belong to a famous quote or can be guessed by someone that knows you. In addition, just like regular passwords, never reuse it.

If you are too lazy to create new passphrases, now there is an online service that does it for you: correcthorsebatterystaple.net.

Other posts in this series

• Part 1 - Introduction

• Part 2 - Let Someone Else Remember Your Password

• Part 3 - Algorithmic Password Generators

• Part 4 - 2 (Or 3) Factors

• Part 5 - Passphrases (this post)

Image from xkcd licensed under a Creative Commons Attribution-NonCommercial 2.5 License.

Post last updated on 2017/01/22.