Originally Posted by Gildwulf
apparently a string of random words like 'horsepotatofarts' is harder to crack than the random number/letter combos. Can neither confirm nor deny that my password was horsepotatofarts.
But just to clarify, I'm pretty sure the advice with a string of random words is that if it's long enough, it can be very secure while still possible to memorize, but if they are the same length, more possible characters are better. For example:
dtR4%'2Yq)&7ysO2 > horsepotatofarts > dtR4%'2Yq) > buttertram
But of course you'll be more likely to remember horsepotatofarts than dtR4%'2Yq)&7ysO2.
I use Keepass and make all of mine 20+ characters. If you'd prefer to have memorized passwords, then long strings of random words works just fine in terms of entropy.