G+

Password or Passphrase: what to choose?

Encrypting a file and then finding yourself unable to decrypt it is a painful lesson in learning how to choose a password you will always remember. Thus when creating a password we are inevitably faced with a dilemma: it must contain a variety of letters, numbers, symbols and be easy to remember.

Password or Passphrase

In this case it is recommended to use passphrases which help us to remember a complex set of characters. For example, it may seem that this combination “2b,0rn2b:Tit?” is difficult to remember but in reality it is simple because it is built on the basis of the utterance that is known to almost every one and it almost impossible to forget.

However, first things first…

What password considered to be really reliable?

To measure the complexity of a password the concept of entropy is used. Strong password is the password which has 128 bits entropy (the same value of entropy has AES128 bit key). The number of iterations for breaking key generated on the basis of the password expressed by the number 8*1037; for 1 trillion computers that can check for 1 billion keys per second it will take 2 billion years to crack such key.

Whether it necessary to use a password with such value of entropy? The decision is yours. However, you should understand that information encrypted with a password that has low entropy is vulnerable to hacking.

How to know the password entropy?

For this purpose CyberSafe has Password Strength Indicator. If the password you create fills up approximately half the Indicator bar, then that password has approximately 64 bits of entropy.

CyberSafe encryption software

And if your password fills the Indicator bar, then that passphrase has approximately 128 bits of entropy. In order to determine entropy of the password you can also use this page.

What is “passphrase”?

Under the passphrase is understood grammatically well-formed sentence, composed of numbers and words that helps you to make the password easy to remember.

For example, to compile the password given in the beginning of this post the famous phrase “To be, or not to be: That is the question” was used.

There are no limitations for you when creating passphrases: you can use quotes from favorite novels, poems, films, etc. The main thing they should be in your long-term memory.

Here are some more examples of passphrases:

Mb&1a>ttA. – My brother and I are greater together than apart.
Msbi12/Dec,04 – My son’s birthday is 12 December, 2004.
«B10tillT1td» – «Better ten times ill than one time dead» (Yiddish proverb).

Good luck to you in creating strong passwords!

Get download link

We can give you some ideas about keeping your data safe. Sign up for our newsletter, or activate the checkbox and leave the fields blank.