Skip to main content

Report a cybercrime, cyber security incident or vulnerability.

Passphrases are the more secure version of passwords

Passphrases are made up of four or more random words making them longer than a traditional password. This makes them harder to guess but easy to remember. 

Changing your passwords to a passphrase is a great way to improve your cyber security.

Before you try out passphrases, have you set up MFA?

Multi-factor authentication (a combination of something you know, something you have or something you are) is an effective way to protect your accounts against unauthorised access. However, where multi-factor authentication is not available, a strong passphrase is your best defence. 

When you choose your passphrase, make it:

Long
The longer your passphrase, the better

Aim for at least 14 characters long. Four or more random words that you will remember is great. For example, ‘purple duck potato boat’. 

Unpredictable
The less predictable your passphrase, the better 

A good passphrase is made up of four or more random words. Sentences don't make great passphrases as they can be easier to guess. For example, it is predictable to have spaces between words, a capital letter at the beginning and punctuation at the end. Using a mix of random words is far more unpredictable and makes stronger passphrases.

Unique
Don’t recycle your passphrases 

Use different passphrases for different accounts. Your Facebook password should be different to your email password and so on. 

2 minute quiz

Think you know how to make a secure passphrase?

Was this information helpful?
Was this information helpful?

Thanks for your feedback!

 
Optional

Tell us why this information was helpful and we’ll work on making more pages like it

Want to use passphrases but don’t think you’ll remember them?

Try a password manager! Learn the dos and don’ts of securely storing your passphrase. 

Turn on multi-factor authentication

It’s harder for people to guess your details when you have extra checks in place.

Recognise and report scams

Learn how to recognise scams and who to report them to.

Content complexity
Simple
This rating relates to the complexity of the advice and information provided on the page.