Hacker News
by bunchesofdonald 5420 days ago
The comic is already taking the worst-case scenario into account: that the cracker knows that your password is made of words and which dictionary you used to generate the password.

In the comic he is using a 2048-word dictionary, which gives 11 bits of entropy per word (log2(2048)); with a password made up of four words, that gives a total of 44 bits of entropy.

But if we were to assume that the cracker knows nothing about our password, say other than it being all lowercase a-z, then we have an entropy per character of log2(26) or 4.7. For the phrase "correct horse battery staple", which has a length of 28, the bit entropy of that phrase, under those conditions, is 4.7 * 28 = 131.6, which is nearly to the point of the cracker being more likely to find a collision.
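The two attacker models in the comment above, worked through as an added example (not part of the original comment). `WORDS` is a constructed stand-in for a 2048-word list, not the comic's dictionary, and the function names are hypothetical.

```python
import itertools
import math
import secrets

# Constructed stand-in for a 2048-word list (not the comic's dictionary):
# the first 2048 three-letter strings over a 13-letter alphabet.
WORDS = ["".join(t) for t in itertools.product("abcdefghijklm", repeat=3)][:2048]


def wordlist_entropy_bits(wordlist, n_words):
    """Bits when the attacker knows the list and the number of words.

    Duplicate entries are collapsed first, since only distinct words
    add guessing work.
    """
    distinct = len(set(wordlist))
    if distinct < 2 or n_words < 1:
        raise ValueError("need at least two distinct words and one pick")
    return n_words * math.log2(distinct)


def charset_entropy_bits(alphabet_size, length):
    """Bits when the attacker knows only the alphabet and the length."""
    return length * math.log2(alphabet_size)


def generate_passphrase(wordlist, n_words, sep=" "):
    """Pick words uniformly and independently with a CSPRNG.

    The per-word figure holds only for uniform random selection, not
    for words a person chose.
    """
    words = sorted(set(wordlist))
    return sep.join(secrets.choice(words) for _ in range(n_words))


def budgeted_bits(wordlist, n_words, alphabet_size, length):
    """Strength to plan for: the lower of the two attacker models."""
    return min(wordlist_entropy_bits(wordlist, n_words),
               charset_entropy_bits(alphabet_size, length))


if __name__ == "__main__":
    print(generate_passphrase(WORDS, 4))
    print(wordlist_entropy_bits(WORDS, 4))          # dictionary known
    print(round(charset_entropy_bits(26, 28), 1))   # a-z only, length 28
    print(budgeted_bits(WORDS, 4, 26, 28))
```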