ID Experts Home

For Password Security, Longer Is Better

November 13, 2016

Remember when experts were advising us to create complex passwords that contained a mix of capital and lowercase letters, numbers, and special figures like dollar signs and question marks?

Well, a recent series of studies from Carnegie Mellon University shows that those nonsensical and nearly impossible to remember passwords are no safer than long “passphrases” of 16 to 64 characters. In other words, a long but straightforward password such as “passwordsaresuchabigpain!” is likely to be at least as secure as a shortened version like “pwsRpain!”

Now, you may not relish having to type in up to 64 characters, but at least you’re more likely to remember a long passphrase. And if you can remember your passwords, you’re less likely to reuse them or write them down on a piece of paper or in a file on your computer—actions that put you at further risk of identity theft.

Of course there are a few catches. One is that you still have to come up with unique passphrases for each site you use, from your email to social media, work, and online banking.

In addition, your passphrases should not be easy for hackers to guess. Using downloadable libraries, hackers can quickly identify common phrases such as clichés and idioms, popular song lyrics, and well-known quotes from TV shows or movies. Run an online search for your passphrase and see if the search engine auto-completes it. If so, it’s a popular phrase you should avoid.

Another hitch is that some sites still limit passwords to 16 characters or fewer. That may change if research continues to show the security of long passphrases, but for now some sites may force you to continue using short, complex passwords.

If you’re not sure how strong your passwords are, or want to compare the security of your shorter passwords with that of longer passphrases, you can test them here.

And if all of this makes your head spin, and you’d prefer not to worry about remembering any passwords, there are password managers and other solutions available to ease your password pain.

Helpful Tips
Is Facebook Your Password Manager?
August 28, 2016

If you had as many credit cards as you do online accounts, you’d walk around with a backpack in place of a wallet. Seriously, every time you get a digital subscription or shop online, you have to set up another account and remember another password, and it can drive you crazy. So it’s really…

If you had as many credit cards as you do online accounts, you’d walk around with a backpack in place of a wallet. Seriously, every time you get a digital subscription or shop online, you have to set up another account and remember another password, and it can drive you crazy. So it’s really…

Learn More
Helpful Tips
Easing Password Pain
June 30, 2016

Does keeping track of your passwords make your head hurt? If so, you’re not alone. Surveys find that the average user has anywhere from 6 to 130 passwords across work, online shopping and bill-paying, social media, and other online accounts. As Wall Street Journal columnist Geoffrey Fowler said…

Does keeping track of your passwords make your head hurt? If so, you’re not alone. Surveys find that the average user has anywhere from 6 to 130 passwords across work, online shopping and bill-paying, social media, and other online accounts. As Wall Street Journal columnist Geoffrey Fowler said…

Learn More