Proudly supported by

Australian Government logo


Resources Hub / Boost your cyber resilience / How to make a strong password: upgrade to passphrases

How to make a strong password: upgrade to passphrases


Passwords really are your first line of defence against cyber break-ins— the keys to your business. Strong, long and unique passwords make your accounts more secure and are more likely to keep hackers out.

With supercomputers and AI (artificial intelligence), short and simple passwords are easy for cyber criminals to crack.

Reusing passwords across different business or personal accounts can make you a target for ‘credential stuffing’ scams. One compromised account is like giving cyber criminals the master key to your entire business.

It is the job of Cyber Wardens to help their organisations keep passwords and data safe and you can do that by helping your small business team master the art of creating strong, long passwords.

In busy small businesses the temptation to use short, simple passwords and repeat them is an easy trap to fall into. If you’re doing your best to create secure passwords and struggling to remember them all — you’re not alone. 

We’re here to introduce you to a great alternative to passwords: passphrases. 

What is a passphrase?

Passphrases are a type of password that are harder for cyber criminals to crack and easy to remember, which makes them an easy cyber safety win. Passphrases are longer and they contain a sequence of random words, usually four or five. The trick is making sure it isn’t a sentence, but an easy combination for you to remember. Some examples of passphrases include:

Why should I use a passphrase?

According to the Australian Cyber Security Centre, passphrases can be even stronger than simple passwords. That’s because the powerful ‘bots’ that cyber criminals use don’t actually take that long to figure out a password. A passphrase is much harder.

Passphrases can be much easier to remember than complicated passwords like: cYb3rS@fe!

Unfortunately, those pesky cyber criminals aren’t fooled by swapping A for @ or $ for S, as much as we would hope.

How do I create a strong passphrase?

A good passphrase generally contains at least four words that are unrelated and unpredictable.

The best way to generate a passphrase is to choose completely random words. Be extra careful and make sure they don’t contain any personal information.

Many websites now require you to have a capitalised character, number and symbols. You can still add this to passphrases like: safe party plant returns0!lock # caterpillar 8 seven moon

Next steps: setting up your passphrase

Passphrases_Blog images_Upgrade to passphrases

You can use a passphrase wherever you use a password. All you have to do is update your password. 

To start with, try choosing one or two accounts or systems you use frequently to test out a passphrase. Over time you’ll notice they are easier to remember. 

Pro-tips when using passphrases

Don’t duplicate passphrases

Ensure each passphrase for every account is unique (no double-ups, ever!). This means that if one does become compromised, you haven’t been breached on multiple fronts.

Keep your passphrases to yourself

Sharing your login details with team members might save money but it increases your cyber risks.

Use a password manager to safely store passwords

Apps can be used to securely manage passwords for all of your accounts. Using one will keep your account more secure.

Add a virtual alarm by pairing passphrases with multi-factor authentication

If your passphrase is ever compromised, multi-factor authentication adds another layer of security to keep your account protected. 

With Cyber Wardens, you can keep your digital floors clean and free of cyber criminals fishing.

Learn easy and simple cyber security tips for your small business

More helpful resources for you and your business

It happened to me!

Have you got a Cyber attack story to share? Your story can help other small businesses protect themselves.

It happened to me!

Have you got a Cyber attack story to share? Your story can help other small businesses protect themselves.