[infogulch]

> one person could brute force that, in the privacy of their own home, in a trivial amount of time.

Yes. And that's assuming your pattern (26+26+10)^8 ~ 2e14, but the basic character pattern here is 26 * 26^5 * 10^2 ~ 3e10, almost 10000 times weaker. This is an extremely common pattern, most passwords don't follow a uniform distribution of those "numeric, uppercase and lowercase" characters.

[ikeboy]

Or if nipper is in your dictionary (likely, there's a wikipedia page with that title and there's only a handful of million articles, trivial to add every title, or even every word), then assuming a dictionary of 10 million words, the pattern is 2e710*10, another order of magnitude reduction.