Skip to main content

A comparison of passphrases and passwords

Using a phrase or sentence, not one word, as your password​

A passphrase is similar to a password. It is used to verify access to a computer system, program or service. Passphrases are most effective when they are:​

  • Used with multi-factor authentication
  • Unique – not a famous phrase or lyric, and not re-used
  • Longer – phrases are generally longer than words
  • Complex – naturally occurring in a sentence with uppercase, symbols and punctuation
  • Easy to remember – saves you being locked out.

Passphrases create greater security and more convenience

  • Harder to crack against common password attacks
  • Easier to remember than random characters
  • Meets password requirements easily – upper and lower-case lettering, symbols and punctuation

Brute force attacks and dictionary attacks​ both generate millions of password/passphrase attempts per second.

For all fixed and mobile devices

Passphrases will significantly increase security across all of your business’ devices. See below for a comparison of password vs passphrase security.

Password/ passphrase Time to crack Easy to remember Comments
Brute force attack Dictionary attack
password123 Instantly. Less than AU$0.01 Instantly. Less than AU$0.01 Very easy (too easy) One of the most commonly-used passwords on the planet.
Spaghetti95! 48 hours AU$587.50 Less than half an hour AU$6.10 Easy Some complexity in the most common areas, and very short length. Easy to remember but easy to crack
5paghetti!95 24 hours AU$293.70 Less than 1 hour AU$12.20 Somewhat easy Not much more complexity than above with character substitution, and still short length. Easy to remember but easy to crack.
A&d8J+1! 2.5 hours AU$30.60 2.5 hours AU$30.60 Very difficult Mildly complex, but shorter than the above passwords. Hard to remember, easy to crack (against BFA).
I don’t like pineapple on my pizza! More than 1 year. More than AU$107,222.40 More than 40 days. More than AU$11,750.40 Easy Excellent character length (35 characters). Complexity is naturally high given the apostrophe, exclamation mark and use of spaces. Very easy to remember and very difficult to crack.