Let’s settle the password vs. passphrase debate once and for all

Several years ago, the science comic blogger Randall Munroe, otherwise known as XKCD, posted a comic comparing passwords and passphrases. The illustration attempts to demonstrate mathematically, using information theory, that passwords tend to be weaker than passphrases while also being more difficult to remember. Because of this, people use simpler passwords, write them down, or reuse them, thus weakening password security further.

Munroe concludes, “Through 20 years of effort, we’ve successfully trained everyone to use passwords that are hard for humans to remember, but easy for computers to guess.”

Many people think a password is meant to protect them from someone targeting them specifically. That’s usually not how people get hacked though.

When you create an online account, the company stores your password in encrypted form on its servers. If hackers get their hands on that password database, it’s only a matter of running password-guessing programs against the list to see which guesses match. There are computers that can guess hundreds of billions of passwords per second, though companies typically use encryption methods that slow down the guessing process.

What is a passphrase?

While everybody knows what a password is, fewer people know about passphrases. A passphrase is a kind of password that uses a series of words, separated by spaces or not (it doesn’t really matter). “correcthorsebatterystaple” is the passphrase in the comic. Although passphrases often contain more characters than passwords do, passphrases contain fewer “components” (four words instead of, say, 12 random characters). This makes passphrases easier to remember, typically with the help of a mnemonic device.

A passphrase is more secure… sometimes

After the XKCD comic came out, there was a wave of discussion online about whether the advice was correct. Much of the debate centered on the amount of entropy each of his examples contained. Entropy is a concept from information theory that, for passwords, measures the amount of randomness a password contains. Generally, the more randomness a password contains, the harder it is to crack. This is why longer passwords are favored: they presumably contain more “randomness.”

XKCD assumes the attacker knows the user has generated a passphrase by choosing four of the most common (top 2,048 in this example) dictionary words at random. Even so, the passphrase contains more entropy than the password. There are only 94 possible options for each password character, so each character contributes less uncertainty than each randomly chosen word does. So, mathematically speaking, a passphrase could be more secure.

But not always. By lengthening the password or adding words to the passphrase, you can increase the entropy. For example, a 20-character password consisting of random lower-case letters is much stronger than a four-word passphrase composed of common words. Such a password cannot be dictionary attacked, so it must be brute-forced, which would take modern computers billions of years to do.
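The entropy comparison the two paragraphs above walk through, as an added example (not code from the article): each secret is modelled as N components chosen uniformly at random from an alphabet of size A, giving N·log2(A) bits, and the crack time is the whole keyspace at a constructed rate of 100 billion guesses per second. The 94-character figure is an upper bound that only holds for truly random characters; a human-chosen word with substitutions sits far below it, which is why the comic’s passphrase wins.

```python
import math

# Constructed assumption based on the article's "hundreds of billions of
# passwords per second": 100 billion guesses/s against a fast hash.
GUESSES_PER_SECOND = 100e9
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def entropy_bits(components: int, alphabet_size: int) -> float:
    """Entropy of a secret made of `components` choices drawn uniformly at
    random from `alphabet_size` options (words from a list, or characters)."""
    return components * math.log2(alphabet_size)


def worst_case_crack_years(bits: float, rate: float = GUESSES_PER_SECOND) -> float:
    """Years to enumerate the entire keyspace at `rate` guesses per second.
    On average the attacker succeeds after searching half of it."""
    return (2.0 ** bits / rate) / SECONDS_PER_YEAR


def compare(candidates):
    """Return [(label, bits, years)] sorted from weakest to strongest.
    Every model assumes the attacker already knows the generation scheme."""
    rows = []
    for label, components, alphabet in candidates:
        bits = entropy_bits(components, alphabet)
        rows.append((label, bits, worst_case_crack_years(bits)))
    return sorted(rows, key=lambda row: row[1])


# Models taken from the article's figures (constructed comparison set).
CANDIDATES = [
    ("4 words from the 2,048 most common", 4, 2048),
    ("5 words from the 2,048 most common", 5, 2048),
    ("11 random printable ASCII characters", 11, 94),
    ("20 random lower-case letters", 20, 26),
]

if __name__ == "__main__":
    for label, bits, years in compare(CANDIDATES):
        print(f"{label:40s} {bits:6.1f} bits  {years:12.3g} years")
```

The four-word passphrase (44 bits) falls to this attacker in minutes, while the 20 lower-case letters (about 94 bits) take billions of years, matching the article’s claim.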

AviD’s Rule of Usability

But XKCD’s argument is not primarily about mathematics. It’s about how to create the most secure systems possible in light of human imperfections.

For decades, the advice from information security experts was to change your passwords frequently and use numbers, capitals, and special characters. But we humans are bad at creating randomness, and we’re bad at remembering things. So inevitably people used simple words, names, birthdates, and sayings, swapping out letters with similar-looking special characters. Hackers can crack these kinds of passwords in a matter of seconds.

In an effort to make secure systems, the prevailing password advice actually made the systems less secure. Or, as the user AviD now-famously put it on Stack Exchange, responding to the XKCD comic: “Security at the expense of usability comes at the expense of security.” In other words, if your “secure system” isn’t easy to use, people won’t use it, negating the security benefit. (This is actually the founding principle of ProtonMail.)

Our recommendation on the password vs. passphrase debate

Both passwords and passphrases can be secure, and if you are using a password manager, the security and usability differences between passwords and passphrases will not be significant. However, if you are setting a password that you must remember by heart, for usability reasons, we recommend using passphrases.

When you use passphrases, also keep the following in mind:

  • Four words should be sufficient. Five words is better.
  • Don’t choose from the most common words, and don’t choose quotes or sayings. The words should be as random as possible.
  • Use a unique passphrase for every account you own. That way, if one passphrase is ever exposed, the other accounts remain secure.

This article is part of our series on password security. You can also check out our previous article about how long a password should be.

Best Regards,
The ProtonMail Team

Sign up and get a free secure email account from ProtonMail.

We also provide a free VPN service to protect your privacy.

ProtonMail and ProtonVPN are funded by community contributions. If you would like to support our development efforts, you can upgrade to a paid plan or donate. Thank you for your support.

About the Author

Ben Wolford

Ben Wolford is a writer at Proton. A journalist for many years, Ben joined Proton to help lead the fight for data privacy.


8 comments on “Let’s settle the password vs. passphrase debate once and for all”

  • Thanks for sharing your point. I make up sentences in natural language (with some secret tweaking) of memories or events that mean something to me but mean nothing to the rest of the world (e.g.: “I still remember that sunny aftternoon when we met in Sicily”). Very fast to type, also.

    It would be interesting to know your point of view on FIDO2/WebAuthn devices and if you advise to trust closed-source keys (Yubikey) or if it’s advisable to opt for open-source devices (Solo Keys).

  • Why does everyone always present the password issue as a choice between a short and overly reused single password, a set of passphrases of random words, or unique cryptic generated strings you will just lock yourself out of everything with the day you can’t use your password manager? There are in-between solutions. My solution has been for years that I have a short and long passphrase (for low or high security) with no meaning but grammatical sense, with some numbers and symbols thrown in, like say 752Bacons?OfLords, to which I add the initials of what I’m making the password for. E.g. for Google it would be 752Bacons?OfGLords, for PayPal 752Bacons?OfPPLords, etc. This makes it so that you only need to remember as few or as many passphrases as you choose to have security levels/avoidance of reuse, and yet you have a unique password for everything that you don’t need to store in a manager or anything. It’s the best of both worlds and uncrackable as hell as long as nobody not only captures a plaintext but also bothers to look at it with human eyes (unlike the automated mass processing that happens with actual hacks) to figure out the trick with the initials (which you could caesar-shift or whatever to further avoid that).

  • Tell this to those web developers who implement forms that require you to insert passwords of max 12 characters with a minimum of one symbol, one number and one capital letter… I don’t like these approaches that do not let you choose what your definition of secure is!

  • If, like me, you are pushing 70, with a lifetime in IT, you know all this stuff, but there is nothing you can do about it. I have difficulty remembering the day of the week, never mind a 5 word pass phrase. And one for each of my 300 accounts? Forget it (I have, already).
    The only option for me is a 2FA passphrase-locked Password Manager.
    Now I am vulnerable to someone getting my cell and my passphrase, and also to the Forces of Evil (aka PseudoDemocratic MisGovernments) subverting the Password Management company, but what else can I do?
    A Password Manager run by ProtonMail would be a good start, or one recommended, and preferably data-domiciled in a Swiss Canton where The Wicked Witch and The Evil Clown can’t get at it…

  • I use a 7 word diceware passphrase to protect my password manager which generates long random passwords for me for web sites and apps. The best of both worlds.

  • Hi

    I agree with you on the fact that passwords are a fake security mechanism. I doubt passphrases will provide much better security as, if we have to memorize a different phrase for each service we access on the internet, we will very rapidly write them down on a sheet of paper.

    I personally use 512-byte random binary files to encrypt my disks. We will all be dead before anybody can crack them. Those files are stored on removable media, and one has to get their hands on my PC and the removable media to be able to access my files.

    I wonder why Protonmail does not provide us with the option of using binary files rather than typing characters to access our mail accounts.

  • Hi,

    I use the Enpass password manager and I try to use longer passwords (if possible I try to have 30 characters minimum) on all my online service accounts; however, many of them don’t accept passwords longer than 12 or 16 characters (for example), or worse, don’t accept special characters. Because of that, the security of these websites is potentially easier to compromise. I would like to use more passphrases but it’s hard when websites have so many stupid limitations on creating the password. In combination with longer passwords (30+ chars), I always use 2FA (mainly with Authy) when it’s possible.

  • How about this?

    Pick a two line phrase from a poem or a song you’ve memorized. I’ll pick an obvious one:

    Oh Say Can You See
    by the dawn’s early light

    Type out the first letter of each word in the first line in caps, then the first letter of the second line in lowercase.

    You’ll have what appears to be a nonsense jumble: OSCYSbtdel

    Add the year of the song or poem’s writing:
    If you want to do a substitution, pick one letter or number to turn into a special character.