File Share Encryption

 View Only

  • 1.  Password vs Passphrase

    Posted Jun 25, 2015 09:58 PM

    Hello All!

    One of our customers wants to know the difference between PASSWORD and PASSPHRASE in terms of the use in PGP.

    Like in enrollment, adding users in the PGP, logging in on the boot guard.

    Plese enlighten me on the difference of the 2 so that i can clearly discuss it with our customer.

     

    Thanks!

     



  • 2.  RE: Password vs Passphrase

    Posted Jun 28, 2015 04:13 AM

    Hi nbuengr2,

    passphrase is similar to a password in usage, but is generally longer for added security, and is normally not a dictionary or a known word/fact about the user.

    It is always recommended to have a strong and long password (which is in term known as passphrase) for PGP enrollment, adding user and for email encryption for better security.

     



  • 3.  RE: Password vs Passphrase
    Best Answer

    Posted Jun 29, 2015 10:59 PM

    Hi nbuengr2,

    A passphrase is a longer version of a password, and in theory, a more secure one. Typically composed of multiple words, a passphrase is more secure against standard dictionary attacks, wherein the attacker tries all the words in the dictionary in an attempt to determine your password. The best passphrases are relatively long and complex and contain a combination of upper and lowercase letters, numeric and punctuation characters.

    PGP uses a passphrase to encrypt your private key on your machine. Your private key is encrypted on your disk using a hash of your passphrase as the secret key. You use the passphrase to decrypt and use your private key. A passphrase should be hard for you to forget and difficult for others to guess. It should be something already firmly embedded in your long-term memory, rather than something you make up from scratch. Because if you forget your passphrase, Your private key is totally useless without your passphrase and nothing can be done about it. 



  • 4.  RE: Password vs Passphrase

    Posted Jun 30, 2015 11:20 AM

    The technical difference is simply that a passphrase can contain spaces.  It is then a phrase instead of a word (i.e. "TheCowJumped0verTheMoon!" vs. "The Cow Jumped 0ver The Moon!"

    A passphrase still can be used without spaces, the differentiation is only that it has the ability to use them.  Windows 7 and above allow for spaces, so they would technically be using a passphrase instead of a password.

    I think the main reason to call it a passphrase is simply to remind users that it should be longer, and possibly separated by spaces.  Spaces are a special character, so adding one or more increases the security of the passphrase.



  • 5.  RE: Password vs Passphrase

    Posted Jun 30, 2015 09:26 PM

    Thanks All!

    Now its clear to me