Using a long phrase or a short sentence as a password may not be as secure as some security experts think.
Researchers at Carnegie Mellon University’s Institute for Software Research have found that long passwords that incorporate grammar — good or bad — are easier to crack than short passwords without structure.
The research team tested more than 1,400 passwords containing 16 or more characters against a grammar-aware password-cracking algorithm and found that grammatical structure can undermine security.