Normandale Community College IT recommends using long, unique passphrases to protect your account. Avoid common or personal information, enable MFA, and never share your credentials to help keep your data secure.

Overview

Keeping your account secure doesn’t have to be complicated. One of the easiest and most effective ways to protect your information is by using a secure passphrase—paired with Multi-Factor Authentication (MFA).
This guide explains what passphrases are, why they’re more secure than traditional passwords, and how MFA adds another layer of protection. 

What is a Passphrase?

A passphrase is a series of random words put together to create a long, memorable login.
Examples (DO NOT USE)

BlueCoffeeRiverSunset10
LaptopBananaCloudDance42

Unlike traditional passwords (like P@ssw0rd!), passphrases are:

✅ Longer
✅ Easier to remember
✅ Much harder for attackers to guess

Why Passphrases Are More Secure

Most cyberattacks try to guess passwords using common patterns, short words, and predictable substitutions (like “@” for “a”).
Passphrases are stronger because:
1. Length Beats Complexity: A longer passphrase (even with simple words) is significantly harder to crack than a short, complex password.
Example:

Tr0ub4dor! ❌ (short, predictable pattern)
HorseBatteryStapleRiver9 ✅ (long and random)

2. Harder to Guess: Random words don’t follow predictable patterns.
Attackers can’t easily guess combinations like TreeLaptopOceanGlass.

3. Easier to Remember: You’re more likely to remember a phrase than a random string of characters—so you’re less likely to write it down or reuse it.

Best Practices for Creating a Strong Passphrase

✔️ Do:

Use 4–5 random words
Make it at least 15 characters long
Add a number or symbol if required
Choose words that are not related to you personally

❌ Avoid:

Common phrases or song lyrics (LetItBe123)
Personal information (starID, names, birthdays, school, pets)
Public Information (commonly known extracurricular activities)
A single dictionary word and common number combination (Summertime2026!)
Reusing the same passphrase across multiple sites

How Passphrases and MFA Work Together

MFA adds a second layer of protection to your login.
Instead of just entering your passphrase, you also confirm your identity using something you have or are, such as:

• A mobile app notification (like Microsoft Authenticator)
• A one-time code sent to your device
• A hardware token or security key

Think of your login like a locked door:

• 🔑 Passphrase = Your key
• 📱 MFA = A second lock

Even if someone somehow gets your passphrase:

• They still cannot access your account without your second factor (your phone, app, or device)

This dramatically reduces the risk of unauthorized access.

Support

For assistance with passphrases, account access, or MFA:

Normandale IT Service Desk

• 📍 Campus: L1701
• 📞 Phone: (952) 358-8181
• 📧 Email: helpdesk@normandale.edu

Submit a request via TeamDynamix or contact the Service Desk directly.

Summary

Using a strong passphrase with MFA helps protect your personal and institutional data, prevents unauthorized access to systems like email, D2L, and shared files, and reduces the risk of phishing and account compromise.  Follow these guidelines to setup a secure passphrase and protect your account.