Well, I am not very well informed on this topic, however, I tend to believe that the math checks out in the "correct horse" principle. This is a vast oversimplification, but basically longer passwords are better - the brute force complexity of additional length is in the exponent, the character diversity (special chars/numbers/upper+lower case) is in the base. Therefore, make your passwords as long (and randomly chosen - i.e. selection method should not be easy to guess!) as you possibly can.
There has been lots of discussion surrounding that comic. I have read a few articles over time and ultimately landed, one way or another, on considering it bad advice.
Cool thanks for the link! Were you meaning to say that you consider the "correct horse" password selection principles bad advice? Or that the advice given by the author of the article is bad advice?
I feel the "correct horse" method is bad advice. Though, certainly not terrible. I actually followed it for a while and it works amazingly well for memory, but over time I was convinced that the best route is a password manager with randomly generated passwords.
I agree, I think a manager with randomly generated (and long) passwords is the way to go in terms of security + ease of use sweet spot. edit: in addition to 2FA/yubikey type measures.