The New Language of Data Security: From Passwords to Passphrases

The Washington Post reports in this (8/11/16) video, "h15p@$$w0rd! is actually a worse password than thispasswordis,believeitornot. Find out why you shouldn't use symbols or caps in passwords, and what you should use instead. (Jhaan Elker/The Washington Post)"

The Washington Post reports in this (8/11/16) video, "h15p@$$w0rd! is actually a worse password than thispasswordis,believeitornot. Find out why you shouldn't use symbols or caps in passwords, and what you should use instead. (Jhaan Elker/The Washington Post)"

According to the Washington Post, “Now, a new standard is emerging for passwords, backed by a growing number of businesses and government agencies — to the relief of computer users everywhere. No longer must passwords be changed so often, or include an incomprehensible string of special characters. The new direction is one that champions less complexity in favor of length.”

The National Institute for Standards and Technology – the federal technology agency that works with industry to develop and apply technology, measurements, and standards – is advocating for longer passphrases - between 16 and 64 characters in length - over more complicated passwords, in its latest draft recommendations. Additionally, research is showing that changing passwords every 30 days as many companies do, just means individuals make minor tweaks to their password each month so they don’t have to remember a new one every time. This means the password may still be vulnerable to hacking.

So what does the difference between a password and passphrase look like?

Password:  @MeriC@1776

Passphrase: IThankTheFoundingFathersForThisAmericanDream

Hacker algorithms can try numerous variations of “America1776”, but they will have more difficulty cracking longer phrases. Confirming this, NIST Senior Adviser, Paul Grassi said, “Passphrases are much harder to crack and break, and much easier to remember.”

The passphrase is just one example of the solutions being introduced that go beyond passwords and make data security easier to manage. Another example is biometrics – and this is just the beginning of what we can expect to see in the next few years for new paradigms for security. Sinu continues to stay on top of the latest research and tests new password solutions for better data security for our customers while making it easier to manage.

Talk with your Sinu Relationship Manager about the best password security strategy for your organization and feel free to download one of our free white papers covering data security strategies.