Do you remember your first password? I used âpasswordâ for my Juno email and internet service back in 1996, and I thought it was very clever at the time. But now, I cringe at how easily guessed that would be. With experts urging us to move away from passwords and at least towards passphrases, I wondered if my passwords could include spaces?
Generally, passwords can have spaces for many online services and device operating systems. Some accounts with outdated security models may restrict the space key, while others fully support it. The space character is a useful addition to turn a password into a passphrase, which is harder to crack.
If youâre allowed to use spaces in your password, then use them to make your password harder to crack. Most users donât know this secret, and it can make your account more resilient to attacks. Youâd be surprised what online services support using the space character in passwordsâŚI mean passphrases.
Popular Sites That Allow Passwords With Spaces
There are quite a few popular sites that allow passwords with spaces. Hereâs a table of what I tested:
| Social Media Sites | Mail Service Providers |
| Gmail | |
| Yahoo | |
| Outlook | |
| TikTok | AOL Mail |
| YouTube | Proton Mail |
You have two options if you encounter a site that does not allow passwords with spaces.
- use a special character like a dash or underscore as a replacement for the would-be space character
- use a password generator to generate a strong password
In either case, storing the passphrase or password in your password manager is critical.
Why Canât Your Password Have Spaces Sometimes
There are two significant cases where websites may disallow your password with spaces. The first scenario is in the case of outdated security models, and the second is to avoid confusion.
Outdated Security Models
In the early days of computing, many systems used a âblank delimitedâ approach to passwords. This means the password was divided into pieces at every space character, and each piece was treated as a separate word.
These outdated security models were created with limitations in an era where password hacks were less common.
Nowadays, dictionary and brute force attacks are a huge problem, with big names like Yahoo experiencing major password breaches.
Having and using spaces in passwords helps to foil these attempts.
To Avoid Confusion
Another reason passwords with spaces may be disallowed is to avoid confusion. When you enter your password, itâs easy to add extra space characters accidentally before or after the password. Login systems trim off spaces at the beginning or end of passwords.Â
For example, the string â passwordâ (note the space before the word âpasswordâ) may be seen as a âpasswordâ by the system without the space.
True Story: Iâve personally had to program authentication with this additional logic. My company had far too many tickets from users that couldnât log in due to their accidental inclusion of a leading or trailing space character.
Another point of confusion is user acceptance. Most people do not understand that the space character is perfectly legal to use in a password, making it a passphrase. Â
Another True Story: A technician requested the use of our guest Wi-Fi. I showed him the sign displaying our passphrase. He could not wrap his head around the need to use the space key when entering the passphrase.Â
Okay, if passwords can (mostly) have spaces in them, you might wonder if itâs worth it.
Are Passwords With Spaces Safer?
According to Verizonâs annual Data Breach Investigations Report (DBIR) in 2018, weak passwords accounted for 81% of all data breaches. I guess that you donât want to be in that 81%.
Using passphrases is one of the most effective ways to maintain your online accounts, according to BeyondTrust â an independent software, Identity, and Vulnerability firm.
To turn your one-word passwords into passphrases, include spaces within them.
A Passphrase
Passphrases are highly secure and rarely found on password trading markets. Did you know there is a market where stolen passwords are traded, much like a trading store?
However, do not use common passphrases that can be found online or passphrases from pop culture like song lyrics.
Logically, passphrases are an innovative and safe way to secure your account. Since most password-hacking software and tools are not designed for passwords with spaces, someone trying to guess your password would ordinarily not add spaces to their guess.Â
Spaces will significantly reduce the susceptibility of your account to brute force and exhaustive guesses; hence, the security of your password is considerably stronger.Â
Additionally, most password directories available to hackers online rarely contain passwords with spaces.
A cybersecurity team member at Proton Mail rightly remarks:
Unlike complex one-word passwords with lots of special characters, passphrases are easy to remember. If your âsecure systemâ isnât easy to use, people wonât use it, negating the security benefit.
This means that a passphrase will offer you top-notch security and ease of remembrance. Killing two birds with one stoneâŚthat sort of thing!
Can Wi-Fi Passwords Have Spaces?
Not all WiFi-supported devices can allow spaces.
Unfortunately, you can do little to nothing about that; it depends more on the type of Wi-Fi device or router you have and what password settings the manufacturer allows.
The so-called firmware for routers and Wi-Fi access points are usually a few steps behind implementing password practices. If allowed, itâs a great idea to use spaces for your Wi-Fi password.Â
As I said earlier, we do.
Now that you have a strong password (I mean passphrase), where do you store it? In a password manager or your memory?
Read on to get answers to this second password dilemma.
Password Managers vs. Your Memory
Experts recommend doing away with password memorization.
From user experience, this is both risky and inefficient; a password manager would be more efficient in making all your passwords more secure.Â
The challenge with memorizing passwords is that humans are bad at remembering random things, so if your password is a random combination of words, youâd have a harder time remembering it; this technically limits how complex your password can be.
On the other hand, a password manager can help generate, store, and auto-fill strong passwords for all your accounts. The only thing youâll need to remember is the ONE master passphrase for your password manager â which should absolutely contain spaces.
Check out Bitwarden and KeePass as good free and open-source software (FOSS) password managers.
Remember, thereâs a lot at stake if your password is leaked in a data breach.Â
