Nowadays, most people use password managers (hopefully). However, there are still some passwords that you need to memorize, like a master password (for a password manager), phone lock, Wi-Fi password, etc.

Security-wise, can a passphrase reach the strength of a good password without getting so long that it defeats the purpose of even using it?

  • I have one that I like to imagine as secure as fully randomised passwords. It’s four words but, because I’m a cool pwnz0r, the second and last word are written in leetspeak. The phrase is super easy for me to remember and the leetspeak portion has become muscle memory by now. But I only use it for my password manager. For everything else it depends if there’s a good chance I’ll need to log in via my phone (no pw manager there). If yes, I use one of my couple rather-safe passwords. If no, I’ll let KeePass2 go to town with a random one.

    Oh and I’m subscribed to the haveibeenpwned leakletter, so I know as soon as possible when to definitely change my password.