A passphrase is a combination of characters used to control access to computer networks, databases, programs, websites online accounts and other electronic sources of information. Within the context of networking, an administrator typically chooses passphrases as part of network security measures. Passphrases (also called security keys) can include phrases, uppercase letters, lowercase letters, numbers, symbols and combinations thereof.
Passphrases in Computer Networking
Some Wi-Fi home networking equipment comes preconfigured with software that generates static encryption keys to prevent unwanted access. Rather than create the long string of hexadecimal numbers required by protocols such as WPA, an administrator instead enter a passphrase into the setup screens of wireless routers and network adapters. The setup software then automatically encrypts that passphrase into an appropriate key.
This method helps simplify wireless network setup and management. Because passphrases are easier to remember than long, nonsensical phrases and character strings, administrators and network users are less likely to enter incorrect login credentials on any of their devices. Not all Wi-Fi gear supports this method of passphrase generation, however.
Passwords vs. Passphrases
Passwords and passphrases are not the same:
- Passwords are usually short—about six to 10 characters. They’re adequate for controlling access to non-sensitive information.Passphrases typically consist of about 10 to 20 random words and/or characters, which is appropriately secure for home networking.
Generating Passphrases
Passphrases created by software usually are more secure than those generated by humans. When devising passphrases manually, people tend to include actual words and phrases that refer to places, people, events and the like so they’re easy to remember; however, this also makes passphrases easier to guess. A far better approach is to use a long string of words that don’t make up understandable phrases. Simply put, the phrase should make no sense at all.
It’s worth noting that using actual words makes a passphrase vulnerable to a dictionary attack. in which dictionary software is used to try out infinite combinations of words until the right phrase is found. This is of concern for only the most sensitive networks, however; for ordinary home networking, nonsense phrases work well, especially when combined with numbers and symbols.
Electronically generated passphrases (or keys encrypted from user-created passphrases), on the other hand, use complex algorithms to defeat the logic used in typical hacks. The resulting passphrases are extremely nonsensical combinations that would take even the most sophisticated software a great deal of time to crack, rendering the attempt impractical.
Online tools are available for the automatic creation of secure passphrases. Here are a few to try, along with a passphrase generated from each:
- SSH Passphrase Generator: VJG8S0/Y1FfVB8BK
- Diceware: supernova-platypus-shrine-t-shirt-plethora-`-^
- Untroubled.org Secure Passphrase Generator: children28Risen53Thrips
When using these tools, choose the options that result in a combination of randomly capitalized words, numbers, and symbols.
Get the Latest Tech News Delivered Every Day