Passwords are the most common way to prove our digital identity. We use passwords to access our work and home computers and email, online banking services, and social media accounts. If these passwords are not strong enough, systems and data are left vulnerable to attack. In fact, compromised passwords are the leading cause of security breaches.

A passphrase is a sentence-like string of words longer than a traditional password, easy to remember, and difficult to guess. A passphrase could be several meaningful but seemingly unrelated words. Because they are meaningful to you and easy to remember, the passphrase would take years for a cybercriminal to guess, even with technology designed to guess and test potential passwords.

So, why use a passphrase? Cybercriminals have perfected the art of guessing passwords. Think of all the information that is protected by just your password. That’s why security experts recommend using a passphrase when creating a password. We have been taught that simply adding special characters or numbers will make the password more secure, but that’s not necessarily the case. A password like Bulld0gz! takes a cybercriminal approximately 3 seconds to guess.

Here are some best practices when creating a strong passphrase:

• Pick a phrase or series of random words that are meaningful to you. Think of four things you like, for instance,
• blue, apple, tailgate, and mountain.
• Add uppercase and lowercase and a special character: BlueAppleTailgateMountain!
• Add a dash in between each word: Blue-Apple-Tailgate-Mountain!
• Don’t use the name or nickname of a pet or relative
• Don’t use information easily obtained about you, such as your address, telephone number, or hometown
• Don’t use a commonly used password such as P@ssw0rd, qwerty, or 123456
• Don’t use a password of all numbers or a password composed of just alphabet characters

For additional cybersecurity tips, visit the Cybersecurity Awareness and Education microsite by clicking the Security Awareness icon in the Employee Portal.