Forget Passwords - Use Passphrases For Higher Security
------------------------------------------------------------------------
The following article may be reprinted in any medium provided the
author's bylines remain intact. A courtesy copy of the publication or
website would be appreciated: aaron@aaronzwebworkz.com
=================================================================
Forget Passwords - Use Passphrases For Higher Security
by Aaron Turpen
Think about this: which is easier to remember, "34xl73db6" or
"SecureThis"? Obviously the latter.
Technically, "SecureThis" is only a password consisting of two words,
but on some systems that allow spacing between words (like Windows
2000 and XP), the password becomes a passphrase "Secure This." It's
complete with mixed capitalization, a total of 11 characters, and it's
easy to remember.
Using passphrases is much more secure, because of the greater number
of characters and because simpleton hackers using dictionaries cannot
just randomly try single words. In fact, a phrase is much harder to
guess unless it's extremely common (like the name of a top hit song
or actor), especially if you include capitalization. Most brute-force
hackers use randomizers and dictionary-linked software to try to
break codes.
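The two effects described above (length against brute force, single
words against dictionary guessing) can be put into numbers. This is an
added example, not part of the original article; the sample wordlist,
the 100,000-word dictionary size and the case/separator model are
assumptions.

```python
import math
import re
import string

# Constructed sample wordlist; a real check would load a full dictionary file.
WORDLIST = {"secure", "this", "forget", "passwords", "higher", "security"}
ASSUMED_DICT_SIZE = 100_000  # assumption: words in a guesser's dictionary
ALNUM = string.ascii_letters + string.digits


def charset_size(secret):
    """Alphabet size a character-by-character brute force must cover."""
    classes = [(string.ascii_lowercase, 26), (string.ascii_uppercase, 26),
               (string.digits, 10)]
    size = sum(n for chars, n in classes if any(c in chars for c in secret))
    if any(c not in ALNUM for c in secret):
        size += 33  # space plus printable ASCII punctuation
    return size


def dictionary_words(secret):
    """Return the words if the secret is built only from wordlist words."""
    tokens = re.findall(r"[A-Za-z][a-z]*", secret)
    if not tokens or "".join(tokens) != secret.replace(" ", ""):
        return None
    words = [t.lower() for t in tokens]
    return words if all(w in WORDLIST for w in words) else None


def estimate_bits(secret):
    """Guessing cost in bits under brute-force and dictionary models."""
    if not secret:
        raise ValueError("empty secret")
    brute = len(secret) * math.log2(charset_size(secret))
    words = dictionary_words(secret)
    if words is None:
        dictionary, effective = None, brute
    else:
        # Per word: dictionary choice times 2 (lowercase or Capitalized),
        # plus one bit for the separator choice (space or none) in a phrase.
        dictionary = len(words) * math.log2(ASSUMED_DICT_SIZE * 2)
        dictionary += 1 if len(words) > 1 else 0
        effective = min(brute, dictionary)
    result = {"brute_force": brute, "dictionary": dictionary,
              "effective": effective}
    return {k: v if v is None else round(v, 1) for k, v in result.items()}


if __name__ == "__main__":
    for s in ["secure", "34xl73db6", "Secure This",
              "Forget Passwords Higher Security"]:
        print(f"{s!r:36} {estimate_bits(s)}")
```

Under these assumptions the effective cost is about 17.6 bits for the
single word, 36.2 for "Secure This", 46.5 for "34xl73db6" and 71.4 for
the four-word phrase, so the gain comes from adding words.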
Most secure sites, software, etc. require that you use at least 6
characters in your password; many require that you mix upper and
lower-case letters, and most require that you also include numbers.
This generally results in a lot of passwords that are forgotten and
have to later be retrieved, usually by less-than-secure email methods.
Recent discussions among security professionals on blogs, websites,
etc. have pointed out the relative merits of using passphrases instead
of just single words (passwords). One of the biggest advantages is
the ability to easily remember most passphrases while keeping the
biggest security bonuses associated with them (larger numbers of
characters).
I've switched most of my passwords to passphrases wherever possible.
I think you should too.
=================================
Aaron Turpen is the proprietor of Aaronz WebWorkz and the author of
several informative e-books, including "The Layman's Handbook To Doing
Business Online," in which this article appears. His books are
available from his website: www.AaronzWebWorkz.com