A passphrase is a string containing multiple words that is used to authenticate a user on a computer system. It may be used in combination with a username to create a login or may be required separately for additional authentication.
The words password and passphrase are sometimes used synonymously, but they have different meanings. By definition, a passphrase must contain a phrase that includes multiple words, while a password may only have a minimum length of six or eight characters. There is no universal required length for a passphrase, but a typical passphrase is 20 to 30 characters in length.
Since passphrase are usually longer than passwords, they are generally more secure. However, they can be less secure if common phrases are used within the passphrase. Examples of insecure phrases include song lyrics, common sayings, and well-known quotes. Strong passphrases include strings that are not dictionary words and contain special characters, such as ampersands, commas, and periods. A good passphrase should be unique but be easy to remember.
NOTE: As long as a system does not limit the length of your password, you can use a passphrase instead of a password.
Updated: October 9, 2015