It depends entirely on your security requirements, but all in all, in broad definitions, 42 bits is not enough. Maybe if key rotation happens fast enough, faster than expected brute force, then, maybe? Again, all up to definitions and context.
Let's not forget that this "passphrase generator" is mostly a joke :D