If you created your passphrase by just trying to think of a good one, there’s a pretty high chance that it’s not good enough to stand up against the might of a spy agency.
The reason that your password or passphrase is probably not good enough is that it lacks something called entropy. You can think of entropy as randomness, and it’s one of the most important concepts in cryptography. It turns out humans are a species of patterns, and they are incapable of doing anything in a truly random fashion.
To create *entropy* you can simply use Dice! That's right, if you are really keen to create the most unique passphrase around use dice to roll 6 numbers.. Write each number down then look up the corresponding word in the Diceware list that corresponds with you numbers and volah! that is the first word of your passphrase. Now repeat than 7 times to get a 7 word passphrase! ...or you can use password manager or online password generator who will roll the dice for you.
...or you can use password manager or online password generator who will roll the dice for you.
The "best" length and composition of passwords is hotly debated amongst cyber security people, and in many cases are being complemented with multi-factor authentication (a combination of something that you know, something that you have or something that you are), but in the most part it holds true that to have a strong password they should be:
Passphrases are most effective when they are long, unpredictable and unique.
A good passphrase should have **at least 15, preferably 20 characters** and be difficult to guess. Refer back to our earlier comments about entropy.
Password managers (which can also be used to store passphrases as well) enable good cyber security habits. Having a unique passphrase for every valuable account may sound overwhelming; however, using a password manager to save your passphrases will free you of the burden of remembering which passphrase goes where.
A lot of web browsers provide an in-built password manager. You might have noticed the pop-up window asking to store your password when logging into accounts. Password managers are also sold separately, however, quality and security may vary.
When using a password manager: