🔒 Generate strong Passphrases

Last updated on: 2021-06-11

Rationale

Passphrases are superior to plain passwords, as they are easier for humans to remember and more difficult for a computer to guess. That's why you will only need to remember passphrases, and we'll let the computer remember all your passwords for you by means of a Password Manager.

Instructions

1. Determine how many Passphrases you need

You will need a passphrase for your Password Manager, and one for every device that you need to access without first opening your Password Manager.

So, if you use a Laptop or Desktop, we will also create a passphrase to log in to that device. Otherwise you might not be able to access your Password Manager to find the password to unlock your computer :)

Your smart devices use PIN codes, not passphrases, so you do not need to generate passphrases for them.

2. Determine how long your Passphrase needs to be

The length of your passphrase - i.e. how many words the phrase consists of - directly determines how strong it is, and how hard it is to guess.

For reference:
- Six words is a very strong passphrase
- Five words is a strong passphrase
- Four words is an acceptable passphrase, and
- Three words is a weak passphrase

For example, with a computer that costs less than USD 1000, it's possible to guess 1,000,000 passwords per second. At that speed a three-word passphrase would take approximately 288 days to crack, but a six-word passphrase would take 400,000 years to crack!

So it is up to you to decide what level of security you need.

3. Use Diceware

We will create passphrases using Diceware. This is a method for selecting a truly random phrase, as humans cannot be relied on to come up with a phrase that isn't easily guessable. Sadly, there is no Burmese language version available online, so if you need to generate a passphrase in Burmese, I recommend using a paper dictionary to translate the words into Burmese. Best not to use Google Translate, as your password would be added to your translation history!

  1. Visit the Diceware service.
  2. Select the "Number of Dice Rolls" based on the number of words in your passphrase

  3. Press "> Roll Dice!"
  4. If you need your password in Burmese, translate the generated words now. If you are uncomfortable with the words, generate a new password.
  5. Write down your passphrase on a slip of paper that you keep secret. It's recommended to UseCapitalisedWordsWithoutSpaces as that is the most compatible, and might be harder to guess. Store the passphrase in the most secure place, or destroy it once you have memorised the passphrase.
  6. Try to tell yourself a little story based on the words you have generated - this story will help you remember the passphrase!
  7. Repeat this process for each passphrase you need to generate.
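
What the dice rolls in step 3 do, shown as an added example (not code from this guide or from the Diceware service): each group of dice is read as an index into a word list, and the chosen words are joined as CapitalisedWordsWithoutSpaces. The function names and the 36-word list are constructed for this demonstration; a real Diceware list has 7776 words and uses five dice per word.

```python
import math
import secrets

# Constructed 36-word demo list (6^2 entries, so two dice pick one word).
# Assumption: for real use, load a full 7776-word list (6^5, five dice per word).
DEMO_WORDS = """apple bridge candle desert engine forest garden hammer island jacket
kettle ladder market needle orange pencil quartz ribbon saddle tunnel
umbrella valley window yellow zipper anchor basket copper dragon falcon
guitar harbor jungle kitten lantern magnet""".split()


def dice_per_word(wordlist):
    """Return how many dice index the list; its size must be a power of 6."""
    n, size = 0, 1
    while size < len(wordlist):
        size *= 6
        n += 1
    if n == 0 or size != len(wordlist):
        raise ValueError("word list size must be 6^k, e.g. 7776 for five dice")
    return n


def word_for_rolls(rolls, wordlist):
    """Map dice faces (1-6) to a word by reading them as a base-6 number."""
    if len(rolls) != dice_per_word(wordlist):
        raise ValueError("wrong number of dice for this word list")
    index = 0
    for face in rolls:
        if face not in range(1, 7):
            raise ValueError("a die face must be between 1 and 6")
        index = index * 6 + (face - 1)
    return wordlist[index]


def roll_passphrase(n_words, wordlist, roll=lambda: secrets.randbelow(6) + 1):
    """Roll dice for every word using the OS CSPRNG, then join the words."""
    k = dice_per_word(wordlist)
    words = [word_for_rolls([roll() for _ in range(k)], wordlist)
             for _ in range(n_words)]
    return "".join(w.capitalize() for w in words)


def entropy_bits(n_words, list_size):
    """Bits of entropy when every word is chosen uniformly at random."""
    return n_words * math.log2(list_size)


if __name__ == "__main__":
    print(roll_passphrase(6, DEMO_WORDS))  # demo list only, far too small for real use
```

Physical dice can replace the `roll` argument: pass the faces you rolled to `word_for_rolls` and no computer-generated randomness is involved.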