After all, passwords are the only things we need to care about. They bar hackers from exploiting us further, even if the databases get leaked from the companies we trusted. But, making them stronger by adding complicated characters as numbers, special characters etc, makes us confused in return. So the best way to set a password, and as recommended by NIST and FBI Portland, is to set your passwords in passphrases rather than just alphanumeric.
Prefer Passphrases over Complex Passwords
For decades, everyone believed that making passwords complex by adding special characters and numbers make it hard for hackers to breach in. It did work, but not for long. With sophisticated resources, they’re able to crack passwords anyhow. So now it’s time to update your passwords in a more sophisticated way – Passphrase.
A passphrase is a combination of words, mostly unrelatable to each other. These are to be remembered sequentially, making them the strongest one to crack. And by sagging this phrase longer, it would make much harder for anyone to guess since the words had to be aligned sequentially and as set before. This will eventually cost more time than special character included alphanumeric passwords.
National Institute of Standards and Technology (NIST) have long suggested the same – to use passphrases over complex passwords. FBI Portland too made the same suggestion. This was even supported by researches too, as complex passwords with special characters would easily be forgotten by users and passphrases can help a bit better.
There are several online password managers to help remember your passwords for you, but trusting a third party is always risky. So remembering yourself is always recommend and if that’s by passphrases, it could be easy to remember. Many online sites that have user logins are suggested to increase their password support for upto 64 characters so that users can set lengthy passphrases.
Read other suggestions from NIST here.