For user security, passphrases beat passwords every time. They are easy to remember and can be sufficiently long enough to be secure. To encourage our staff to use passphrases, their initial password is set to one and they are encouraged to generate a new one when they change their password.
You can use this PowerShell script as a starter to generate your passphrases:
$rand = new-object System.Random
$words = import-csv ".\words.csv"
$word1 = ($words[$rand.Next(0,$words.Count)]).Word
$word2 = ($words[$rand.Next(0,$words.Count)]).Word
$Passphrase = $word1 + $word2
while ($Passphrase.length -lt 12){
$word3 = ($words[$rand.Next(0,$words.Count)]).Word
$Passphrase = $Passphrase + $word3
}
return $Passphrase
To adjust the length of the passphrase, change the number 12 that is on the while line to a higher or lower number. You will also need the words CSV file as this script reads from it until a passphrase is long enough. You can download that CSV here.
If you want to get fancier, you can also add in numbers or symbols between words by importing additional character lists as CSVs. You could also change the casing of randomly selected words to increase your available character set or import additional word lists into the words.csv file.
This brings us to the title of this post. The words.csv file should generate appropriate passphrases for all ages. The list is built from the most common English words + a few custom word lists. Curse words and questionable words (drugs, slurs, etc.) have been removed. One small warning though – word combinations can lead to … interesting outcomes in your passphrases.
For example, a new teacher received the passphrase penciltramp when her account was automatically created. HR was not too happy about that selection. I now include a disclaimer that passphrases are randomly generated in the new account notifications that they receive. If you do start generating passphrases, learn from me and add that disclaimer in advance.
And when you generate a questionable or humorous passphrase, leave a comment so that we can all get a good laugh, I mean, learn from it.