A typical password is about 8 characters long (and so can be stored in 8 bytes, or 64 bits). However, a typical key for encryption/decryption is much longer, and a key of 64 bits would not be considered secure. Explain this in terms of the difference between the way a secret is used as a password, and the way it is used as a key.
Hint: what happens if an attacker takes a few months to discover the secret?
The matter is that the longer is the code the more different combinations you need to sort out to guess the code and so you need more time and work to unlock the secret.