Back to blog page

Passphrases: Remembering secure passwords the easy way

"GddW&m3H." "4Am-RaeA." Who can remember passwords like that? Luckily, there’s a better way: the passphrase method. Use it to create strong, secure passwords that are so memorable that they’re a snap to recall.
Man sits at desk in front of laptop with hand on chin
Need a secure password you can remember? Try a passphrase!
 
  By Alyssa – Reading time: 3 min.


As we all know by now, if you want your online accounts to be safe from hackers, you need a strong password: long, unique, and complex enough that no one can guess it.
 
Sounds simple in theory… but in practice, it can be a real headache. After all, who can keep dozens of random logins in their head, especially when every account is supposed to have a different password? No wonder so many people get frustrated.
 
Password managers are one solution. But if you’d rather rely on your memory, the best trick is to use a passphrase. It’s a surprisingly easy way to create a hard-to-crack password.

Keep reading to learn more about:
 
  1. The definition of a passphrase
  2. What makes a good passphrase
  3. Passphrase examples
  4. Passphrase generators
  5. Acronym method
  6. Frequently asked questions
 

What is a passphrase?

 
A passphrase is like a password, but instead of a short jumble of letters and numbers, it’s a whole phrase you can actually remember. This means a silly sentence or a string of unrelated words that, when put together, create a login that’s both easy for you to recall and hard for hackers to guess.

Think of it this way: a password might be “Tr!9Lx3j9f,” but a passphrase gives you a longer, more natural option like “CoffeeTableDancesAt11!”

So, how does passphrase vs. password stack up? A typical password is short and cryptic, which often makes it weak and forgettable. A passphrase, on the other hand, is longer, more secure, and far easier to commit to memory.
 

The passphrase method in a nutshell

Here’s how the passphrase method works:

Start by thinking of a sentence you’ll never forget. It could be about a personal experience, a list of words, or a random silly phrase. Here are some examples of starting points for a passphrase:
  • Monday I tripped over my shoelaces
  • Flowerpot yarn mirror chandelier
  • My dog snores louder than my husband
  • Angelina’s parrot dances the tango
A quick but important warning:

Don’t use personal details like your birthday, address, names of family members, or where you last went on vacation – all of this information is easily found online. You should also avoid well-known quotes, song lyrics, or easy-to-guess phrases like “this is my email password.” Hackers know those tricks.

A passphrase should be a random statement or list of words that don’t obviously belong together but still make sense to you

Create a secure passphrase

The next step is to take your memorable sentence and glue the words together:

angelinasparrotdancestangoatnoon

That’s a solid start, but now you should strengthen it a bit more. By mixing in uppercase letters, numbers, and symbols, you’ll make it far harder to crack without making it harder to remember:
  • Add uppercase letters: AngelinasParrotDancesTangoAtNoon
  • Add special characters: Angelina's-parrot-dances-tango-at-noon
  • Add numbers: Angelina's1parrot2dances3tango4at5noon
  • Combine them all for maximum strength: Angelina's-Parrot-Dances-Tango-At-12

One passphrase per service. With a twist.

You should never, ever recycle the same password or passphrase for multiple accounts. If you would like to keep reusing using your memorable words or sentence, take your base passphrase and add another word that is associated with each service. Be sure to use a descriptive word rather than the name of the service provider.

For example:
  • Email account: Angelina's1Parrot2dances3atnoon4tangoCorrespondence
  • Favorite online shop: Angelina's1Parrot2Dances3atNoon4TangoClothing
That way each login stays unique, but you still only have to remember one main phrase.
 

Password generators and passphrases


Sometimes you don’t want to come up with your own phrase. In that case, you can generate passphrase options with online tools. An online password or passphrase generator tool can create random strings of words that still make sense as a sentence.

For example, a random passphrase generator might come up with: “GiraffeJumpsOverLaptopAtNight.”

The result? A passphrase that’s unique, secure, still easy enough to type – and not too predictable.
 

Acronym method for shorter but complex passwords

If you’d rather keep things short but think a memorable phrase will help you remember your password, why not try the acronym method? It’s an easy way to create a short, complex password you can remember:
  1. Start with a silly sentence, then take the first letter of each word: “Angelina’s parrot dances the tango at noon” becomes “APDTaN”
  2. Spice up your acronym with numbers and symbols until it hits at least 12 characters: {#APDTa1200#}
This looks completely random to outsiders, but you’ll know exactly what it means. And since some websites limit password length, the acronym trick comes in handy when a full 25-character passphrase won’t fit.
 

Passphrase FAQ

  1. Are passphrases better than passwords?
    Yes, in most cases. That’s because they’re longer and made of a series of words, making them harder for hackers to guess – but easier for you to remember.

  2. Is a passphrase the same as a password?
    Yes and no. They serve the same purpose, which is to unlock your account. However, a password is usually shorter and more cryptic (“Tr!9Lxh9A”), while a passphrase is longer and more natural (“CoffeeTableDancesAt11”). That makes it easier to recall without writing it down.

  3. How long should a passphrase be?
    At least 12 characters, because this is the minimum password length required by many services. But you should aim for 20 characters or more: the longer the passphrase, the more secure it will be.

  4. Can I use a passphrase everywhere I use a password?
    In most cases, yes. You enter a passphrase the same way you would a password. However, some websites or apps may limit length or disallow certain special characters. If that happens, shorten or adjust your passphrase – or use the acronym method.

  5. What is an example of a passphrase?
    “My10PuppiesEatPizza!” is one fun example of a strong passphrase – it contains a mix of upper- and lowercase letters, numbers, and a symbol, and is 20 characters long.

  6. Is a 3 word passphrase secure?
    Not really. Three words can be guessed with enough computing power. Aim for at least four to six unrelated words.

 
The passphrase method gives you the best of both worlds: a password that’s tough enough to keep hackers out but easy enough for you to remember. If length isn’t an option, the acronym version is your friend.

Before you rush off to start creating passphrases, please give us some feedback below! And if you still don’t have a mail.com account, why not sign up for free today?

Images: 1&1/GettyImages

Posted in

Password Security How-to

1 person found this article helpful.

Related articles

What happens to my Instagram account when I pass away?

What happens to your Instagram when you’re gone? Learn how to plan ahead, put your wishes in writing, and explore Instagram’s options for memorialization, deletion, or heir access

Your digital footprint: Why Gen Z should care (and how to take control)

Learn what a digital footprint really is, why it matters more than you think, and how to take control of yours with simple, practical steps anyone can follow.

Eight easy ways to keep your phone & data safe when you travel

Imagine your phone is lost, damaged, or stolen on vacation: no selfies, no contacts, no GPS. Learn 8 ways to protect your phone and data while traveling.