They're easy to remember and hard to crack

Like many companies, we define our policies so that they require complex passwords that need to be changed more often than users would like (normally every 30 days).

Our suggestion to users has always been to pick a passphrase — that is, a sentence or a phrase — rather than a password. A sentence, a phrase, is normally easier to remember because we do something called "data chunking" that lets us remember a group, or chunk, of related data.

While passphrases are inherently easier for us to remember, passphrases are complex for computers because sentences have capital letters, spaces, punctuation, and sometimes even numbers. The longer length of passphrases also helps. Even something short like "Viva Las Vegas" is 14 characters with three types of characters.

Inspiring phrases, funny sayings, bible verses, lists, and even a line of code can all be good passphrases. Just like with passwords, though, you want to avoid easy-to-guess passphrases such as those containing personal information or famous quotes.

If you'd like to learn more about passphrases, Microsoft published the three-part series “The Great Debates: Pass Phrases vs. Password” which has a lot of helpful information.

You can find the this three-part series here:

 

 

The Great Debates: Pass Phrases vs. Password - Part 1

The Great Debates: Pass Phrases vs. Password - Part 2

The Great Debates: Pass Phrases vs. Password - Part 3
 

 

 

We use cookies on our website. Some of them are essential for the operation of the site, while others help us to improve this site and the user experience (tracking cookies). You can decide for yourself whether you want to allow cookies or not. Please note that if you reject them, you may not be able to use all the functionalities of the site.