Content written for

Individuals & families

Your accounts are only as strong as the tools keeping them secure. One of the most effective ways of protecting your personal information and accounts is to use a strong passphrase.

What is a passphrase?

Passphrases are a longer form of a password. Passphrases use 4 or more random words, with the strongest passphrases being more than 14 characters. This makes them harder for cybercriminals to hack, but easy for you to remember.

Changing your passwords to a strong passphrase, and using Multi-Factor Authentication wherever possible, is a great way to improve your cyber security.

Why do I need a passphrase?

While our passwords have stayed the same, the tools used to crack them have kept evolving. A passphrase is an easy way to improve your cyber security, making your accounts harder to crack.

How do I create a strong passphrase?

You can create a strong passphrase using the below principles.

  • Make them long – the longer a passphrase is, the more secure it is. Aim to make your passphrases 4 or more random words and at least 14 characters in total.
  • Make them unpredictable – select four or more unrelated words using tools available online. You could also open up a book, magazine or article and select the words across multiple pages.
  • Make them unique – use additional modifiers for each passphrase based on the service that it relates to, this will make them easier to remember and harder to crack. For example, ‘crystal onion clay pretzel Facebook’ or ‘crystal insta onion clay pretzel’.

By following these principles, you can improve your cyber security and protect your accounts from compromise.

Find out more

More information and guidance on creating strong passphrases is available on the Australian Signals Directorate’s Australian Cyber Security Centre's (ASD’s ACSC) website.

Was this information helpful?

Thanks for your feedback!


Tell us why this information was helpful and we’ll work on making more pages like it