How to create strong passwords and passphrases
Most advice about passwords is outdated. The single biggest factor in a password's strength is not strange symbols โ it is length. This guide explains what really matters and how to make passwords that are both strong and usable.
Length beats complexity
A password's strength comes from how many guesses it would take to crack, measured in bits of entropy. Adding length increases this far faster than swapping a letter for a symbol. A long random password โ 16 characters or more, mixing upper and lower case, digits and symbols โ is extremely hard to crack, while a short "P@ss1" is weak no matter how clever it looks.
Passphrases: strong and memorable
A passphrase is several random words strung together, such as four or five unrelated words. Because there are so many possible word combinations, a four-word passphrase can be as strong as a long random string while being far easier to remember and type. Choose the words randomly โ a phrase from a song or a common saying is not random and is much weaker.
Habits that keep accounts safe
Use a different password for every account, so one breach cannot unlock the others, and let a password manager remember them for you. Turn on two-factor authentication where you can, and never reuse an important password on a site you do not trust. When you generate a password, do it with a tool that uses your device's cryptographic randomness rather than a predictable source.
Try it: generate strong passwords and passphrases with PassBloom โ