by vbrandl 1672 days ago
Here is a small back of the envelope calculation. Websters dictionary includes 470.000 words [0]. 52 lower and uppercase letters + 10 digits + ~20 special chars = 82 possibilities. There are 82^20 = 1.89 * 10^38 possible combinations for passwords consisting of 20 random characters. Picking 7 random words from Websters dictionary has 470.000^7 = 5.07 * 10^39 possible combinations. I'd argue that remembering 7 words is easier for most people than remembering 20 random characters.

[0]: https://www.merriam-webster.com/help/faq-how-many-english-wo...


Yeah, for a given level of entropy words are a better choice, but the fact is that dictionary attacks greatly reduce the efficacy of what could be an incredibly strong password if they can safely assume it is formed exclusively from concatenated standard words. However, if you break the validity of that assumption by using a word that's not on a list, then the dictionary attack must be combined with a brute force attack with the same string length. If we assume an average word length of 5 letters, that 7 word password jumps to 1.22x10^79 possible combinations if you randomly substitute one letter.
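The comparison in the two comments above (an 82-symbol alphabet versus a 470,000-word dictionary) is easy to check in bits rather than raw combination counts. The script below is an added example, not code from either commenter; it takes the figures they quote as assumptions, computes the keyspace and entropy of both schemes, works out how many dictionary words are needed to match 20 random characters, and generates a passphrase with the `secrets` module so that the entropy figure actually holds. The toy word list is constructed for the demo; a real generator would draw from a full published word list.

```python
import math
import secrets

# Figures quoted in the thread, taken here as assumptions.
DICTIONARY_SIZE = 470_000       # Webster's word count cited in the post
CHARSET_SIZE = 82               # 52 letters + 10 digits + ~20 special characters
RANDOM_PASSWORD_LENGTH = 20     # characters
PASSPHRASE_WORDS = 7            # words


def keyspace(alphabet_size: int, length: int) -> int:
    """Number of equally likely strings of `length` symbols from an alphabet of `alphabet_size`."""
    return alphabet_size ** length


def entropy_bits(alphabet_size: int, length: int) -> float:
    """Entropy in bits of a uniformly random string.

    This only holds if every symbol (character or word) is chosen uniformly
    at random; a human-picked phrase of common words has far less entropy,
    which is exactly what a dictionary attack exploits.
    """
    return length * math.log2(alphabet_size)


def words_needed(dictionary_size: int, target_bits: float) -> int:
    """Smallest number of uniformly chosen dictionary words reaching `target_bits`."""
    return math.ceil(target_bits / math.log2(dictionary_size))


def compare_schemes() -> dict:
    """Summarise the two schemes from the thread in one dictionary of results."""
    char_bits = entropy_bits(CHARSET_SIZE, RANDOM_PASSWORD_LENGTH)
    word_bits = entropy_bits(DICTIONARY_SIZE, PASSPHRASE_WORDS)
    return {
        "random_chars_keyspace": keyspace(CHARSET_SIZE, RANDOM_PASSWORD_LENGTH),
        "random_chars_bits": char_bits,
        "passphrase_keyspace": keyspace(DICTIONARY_SIZE, PASSPHRASE_WORDS),
        "passphrase_bits": word_bits,
        "words_to_match_chars": words_needed(DICTIONARY_SIZE, char_bits),
    }


# Constructed toy word list (assumption for the demo, not a real dictionary).
TOY_WORDS = [
    "anchor", "basil", "copper", "dune", "ember", "fjord", "glacier", "harbor",
    "iris", "juniper", "kestrel", "lantern", "meadow", "nickel", "orchid", "pebble",
]


def generate_passphrase(words: list, count: int, rng=secrets) -> str:
    """Pick `count` words uniformly with a CSPRNG; the entropy is count * log2(len(words))."""
    return " ".join(rng.choice(words) for _ in range(count))


if __name__ == "__main__":
    results = compare_schemes()
    print(f"20 random chars : {results['random_chars_keyspace']:.2e} "
          f"combinations, {results['random_chars_bits']:.1f} bits")
    print(f"7 dictionary words: {results['passphrase_keyspace']:.2e} "
          f"combinations, {results['passphrase_bits']:.1f} bits")
    print(f"words needed to match 20 random chars: {results['words_to_match_chars']}")
    print("sample passphrase from the toy list:", generate_passphrase(TOY_WORDS, PASSPHRASE_WORDS))
    print(f"(toy list entropy: {entropy_bits(len(TOY_WORDS), PASSPHRASE_WORDS):.1f} bits)")
```

The bits figure is what a defender should reason about: the 7-word passphrase comes out a few bits ahead of the 20-character password, but only when the words are chosen by a random process from a list the attacker may as well know. The toy list makes the other side of the point: with 16 words, 7 picks give only 28 bits, so the size of the list, not the length of the phrase, is what makes the dictionary attack expensive.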