Let’s settle the password vs. passphrase debate once and for all

Should you use a password or passphrase? The question has sparked intense discussion among techies for years. Here’s our recommendation.

Several years ago, the science comic blogger Randall Munroe, otherwise known as XKCD, posted a comic comparing passwords and passphrases. The illustration attempts to demonstrate mathematically, using information theory, that passwords tend to be weaker than passphrases while also being more difficult to remember. Because of this, people use simpler passwords, write them down, or reuse them, thus weakening password security further.

Munroe concludes, “Through 20 years of effort, we’ve successfully trained everyone to use passwords that are hard for humans to remember, but easy for computers to guess.”

Many people think a password is meant to protect them from someone targeting them specifically. That’s usually not how people get hacked though.

When you create an online account, the company stores your password in encrypted form on its servers. If hackers get their hands on that password database, then it’s only a matter of running password-guessing programs against the list to see if they match. There are computers that can guess hundreds of billions of passwords per second, though companies typically use encryption methods that slow down the process of guessing.

What is a passphrase?

While everybody knows what a password is, fewer people know about passphrases. A passphrase is a kind of password made up of a series of words, separated by spaces or not (it doesn’t really matter). “correcthorsebatterystaple” is the passphrase in the comic. Although passphrases often contain more characters than passwords do, they contain fewer “components” (four words instead of, say, 12 random characters). This makes passphrases easier to remember, typically with the help of a mnemonic device.

A passphrase is more secure… sometimes

After the XKCD comic came out, there was a wave of discussion online about whether the advice was correct. Much of the debate centered on the amount of entropy each of his examples contained. Entropy is a concept from information theory that, in this context, measures the amount of randomness in a password. Generally, the more randomness a password contains, the harder it is to crack. This is why longer passwords are favored: they presumably contain more “randomness.”

XKCD assumes the attacker knows the user has generated a passphrase by choosing four of the most common (top 2,048 in this example) dictionary words at random. Even so, the passphrase contains more entropy than the password. There are only 94 possible options for each password character, meaning less uncertainty. So, mathematically speaking, a passphrase could be more secure.

But not always. By lengthening the password or adding words to the passphrase, you can increase the entropy. For example, a 20-character password consisting of random lower-case letters is much stronger than a four-word passphrase composed of common words. Such a password cannot be dictionary attacked, so it must be brute forced, which would take modern computers billions of years to do.

AviD’s Rule of Usability

But XKCD’s argument is not primarily about mathematics. It’s about how to create the most secure systems possible in light of human imperfections.

For decades, the advice from information security experts was to change your passwords frequently and use numbers, capitals, and special characters. But we humans are bad at creating randomness, and we’re bad at remembering things. So inevitably people used simple words, names, birthdates, and sayings, swapping out letters with similar-looking special characters. Hackers can crack these kinds of passwords in a matter of seconds.

In an effort to make secure systems, the prevailing password advice actually made the systems less secure. Or, as the user AviD now-famously put it on Stack Exchange, responding to the XKCD comic: “Security at the expense of usability comes at the expense of security.” In other words, if your “secure system” isn’t easy to use, people won’t use it, negating the security benefit. (This is actually the founding principle of ProtonMail.)

Our recommendation on the password vs. passphrase debate

Both passwords and passphrases can be secure, and if you are using a password manager, the security and usability differences between passwords and passphrases will not be significant. However, if you are setting a password that you must remember by heart, for usability reasons, we recommend using passphrases.

When you use passphrases, also keep the following in mind:

  • Four words should be sufficient. Five words is better.
  • Don’t choose from the most common words, and don’t choose quotes or sayings. The words should be as random as possible.
  • Use a unique passphrase for every account you own. That way, if one passphrase is ever exposed, the other accounts remain secure.
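To put numbers on the entropy discussion above and on the word-count advice in this list, here is an added Python example (not code from ProtonMail or the article). It computes the entropy of the schemes the article mentions, estimates how long guessing at the cited rate of a hundred billion attempts per second would take, and generates a passphrase from a word list with the OS random generator. The guess rate, the 7,776-word Diceware list size and the tiny demo word list are assumptions of the example.

```python
import math
import secrets

# Guess rate the article cites for offline attacks on a leaked database:
# "hundreds of billions of passwords per second". 1e11 is an assumed value.
GUESSES_PER_SECOND = 1e11
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def entropy_bits(pool_size: int, components: int) -> float:
    """Entropy of a secret built from `components` choices, each drawn
    uniformly at random from `pool_size` possibilities: log2(pool ** n)."""
    return components * math.log2(pool_size)


def expected_crack_years(bits: float, rate: float = GUESSES_PER_SECOND) -> float:
    """Expected time to find a secret of the given entropy by trying every
    candidate at `rate` guesses per second.  On average the attacker hits the
    secret halfway through the keyspace, hence the division by two."""
    return (2 ** bits / 2) / rate / SECONDS_PER_YEAR


def generate_passphrase(wordlist, words=5, sep=" "):
    """Pick `words` entries uniformly at random with the OS CSPRNG (`secrets`),
    never `random.choice`.  Returns (passphrase, entropy in bits)."""
    chosen = [secrets.choice(wordlist) for _ in range(words)]
    return sep.join(chosen), entropy_bits(len(wordlist), words)


def compare_schemes():
    """The cases discussed in the article as (label, pool size, components),
    mapped to (entropy bits, expected years to crack at GUESSES_PER_SECOND)."""
    schemes = [
        ("4 words from the 2,048 most common (XKCD)", 2048, 4),
        ("5 words from a 7,776-word Diceware list", 7776, 5),
        ("20 random lower-case letters", 26, 20),
    ]
    return {label: (entropy_bits(p, n), expected_crack_years(entropy_bits(p, n)))
            for label, p, n in schemes}


if __name__ == "__main__":
    for label, (bits, years) in compare_schemes().items():
        print(f"{label}: {bits:5.1f} bits, ~{years:.3g} years at 1e11 guesses/s")
    # Constructed six-word list, only to show the API; a real list needs
    # thousands of words (for example the EFF Diceware lists).
    demo_list = ["correct", "horse", "battery", "staple", "river", "ember"]
    phrase, bits = generate_passphrase(demo_list, 4)
    print(phrase, f"({bits:.1f} bits: far too few with a six-word list)")
```

The four-word XKCD case falls in seconds at the cited rate when the site uses a fast hash, which is why the article's own points about slow hashing, avoiding the most common words and adding a fifth word matter.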

This article is part of our series on password security. You can also check out our previous article about how long a password should be.

Best Regards,
The ProtonMail Team

You can get a free secure email account from ProtonMail here.

We also provide a free VPN service to protect your privacy.

ProtonMail and ProtonVPN are funded by community contributions. If you would like to support our development efforts, you can upgrade to a paid plan or donate. Thank you for your support.

About the Author

Ben Wolford

A journalist by training, Ben has reported and covered stories around the world. In 2014, he founded a magazine, Latterly, devoted to international reporting on human rights. He joined ProtonMail to help lead the fight for data privacy.


4 comments on “Let’s settle the password vs. passphrase debate once and for all”

  • Thanks for sharing your point. I make up sentences in natural language (with some secret tweaking) of memories or events that mean something to me but mean nothing to the rest of the world (e.g.: “I still remember that sunny afternoon when we met in Sicily”). Very fast to type, also.

    It would be interesting to know your point of view on FIDO2/WebAuthn devices and if you advise to trust closed-source keys (Yubikey) or if it’s advisable to opt for open-source devices (Solo Keys).

  • I use a 7-word Diceware passphrase to protect my password manager, which generates long random passwords for me for web sites and apps. The best of both worlds.

  • Hi

    I agree with you on the fact that passwords are a fake security mechanism. I doubt passphrases will provide much better security as, if we have to memorize a different phrase for each service we access on the internet, we will very rapidly write them down on a sheet of paper.

    I personally use 512-byte random binary files to encrypt my disks. We will all be dead before anybody can crack them. Those files are stored on removable media, and one has to get their hands on my PC and the removable media to be able to access my files.

    I wonder why Protonmail does not provide us with the option of using binary files rather than typing characters to access our mail accounts.

  • Hi,

    I use the Enpass password manager and I try to use longer passwords (if possible I try to have 30 characters minimum) on all my online service accounts; however, many of them don’t accept passwords longer than 12 or 16 characters (for example), or worse, don’t accept special characters. Because of that, the security of these websites is potentially easier to compromise. I would like to use more passphrases, but it’s hard when websites have so many stupid limitations on creating the password. In combination with longer passwords (30+ characters), I always use 2FA (mainly with Authy) when it’s possible.