Today, Thursday 6 May 2021, is World Password Day.
It’s a timely moment to mention the password paradox: unfortunately, password security can undermine security.
Passwords are meant to be hard to guess and crack, so we are asked to make them random and complex. But we humans are good at association, not randomness. When we do use random, complex passwords, we find them impossible to remember.
Unusable security tends to result in less secure behaviour. To make life easier, we reuse the same password or store passwords insecurely. In addition, we use memorable facts that come easily to mind but are also easy for others to guess or find.
What tips help resolve this conundrum?
Most of us have one or two passwords we need to keep in our head for “usability”, for example the password to our password management software! Passphrases are a good solution: secure, yet easier to remember.
How do you use passphrases?
Randall Munroe’s blog (which he shares under Creative Commons) explains the difference between passphrases and complex passwords and compares how secure they are. Remember that passphrases are not always more secure – it depends on how you use them!
Thanks to Sarah Pflug for the top photo, from Burst.