But that doesn't matter at all if the attacker is targeting your algorithm in particular.

Say my algorithm is to pick the password "1" * 1000 (that's the character 1 repeated 1000 times) and also pretend that 90% of the sites didn't have stupid limits and it was a valid password. It's certainly a long password. The time it would take to brute force it by testing all possible strings in order of increasing length is an unimaginable number. It's not on the scale of the universe - not on the scale of a million universes either.

But now let's say that this "the more characters the better" became a universal truth and everyone jumped on the same bandwagon and did the same quick hack of having 1000 1s. Suddenly, we're all screwed, because the algorithm "pick 1000 ones" is staggeringly weak. In fact, it provides no protection at all - the attacker already knows your password.

The true measure of security measures is not how long they last when no one knows about them - it's how long they last when everybody knows. "Pick 10 random symbols" will last for a while. "Pick 'password'", not even a second.

Where does "pick a meaningful English sentence" fall on the grand scale? That's one incredibly hard question to answer. It's also bloody difficult to break, for reasons of generating sentences, not password entropy.

But does it actually add entropy when a hacker could use a dictionary and combine those words in various ways? The best practice of using several random words is still 'rule based' - the individual 'units' in the password simply become words instead of characters, and the arbitrary length doesn't really matter. Start with the most common 40,000 words in English, and combine them in all possible orders - that gives 2.6e18 combinations. Compare that to the "random" password of length 10, with say, 40 possible characters: 1e16 combinations. I think OP has a point about the relative strength.

Add a few fun prefixes and suffixes hither and yon, and you largely eliminate the "token" nature of words as well. Even a couple of well-placed (but ordinarily inappropriate) uns, antis, disens, ousitys and ishnesses increase the problem space dramatically without significantly decreasing (and perhaps even increasing) the memorability.

> They way I see it, and I'm no expert on this topic, a longer password is better than a short, completely random one. The attacker doesn't know how long your password is, so he will start with short passwords.

Did you read the article? It describes exactly what a possible attacker does. And it's not "start with short passwords".

There's only two options:

- Use a really random password string, from a non-broken random generator

- Do something nobody else does

The latter only works if you can stop yourself from bragging about it on public fora. Which is why one of the best pieces of advice for secure passphrases is to include something really, really embarrassing, horrible, shameful, completely unfit for print and absolutely boring. Especially don't use a funny quip or play on words, don't try to be clever, there ought to be no audience to appreciate it. And if at all possible it shouldn't even look like a password.

(kinda OT) I read that advice many years ago, and I don't understand why Julian Assange did not take it to heart. Remember when that Guardian journalist wrote his book and published the passphrase to that AES encrypted data dump (because the nitwit assumed the AES passphrase would be automatically invalidated after a few hours ...), it was something like "a diplomatic history from <date>" with some random uppercasing, special characters, etc. It would have been pretty strong, except it was WAY too clever and typical-super-secret-password-looking to use for the sort of hypersensitive data Assange was carrying about. If he had simply picked some terribly bad and misspelled slashfic involving Martin Luther King, a dead baby and pres. Nixon--like Spider Jerusalem would've done--no way the Guardian journalist would have published that, anywhere.