[DanBC]

That's a lousy article. Pass phrases are strong if you exclude anything that's been in print and if you use random words.

Use something like diceware. Ideally, use a 7 word phrase with a good password safe.

The article doesn't use any numbers, and so the author doesn't have a feel for just how strong a passphrase is compared to a password.

Also, the author seems to be missing the point of the xkcd comic. You can create a strong password. $xK!r88w82;)|@N?c463)fpD2SAtRNQq But very few people do this. Because of poor password policies people have a password. PASSWORD. They then modify that to conform to the policy. Must include numbers? PASSWORD89. Must include specials? !PASSWORD89

These are trivially easy to find. Firstly because the limited amount of modification available means other people would have tried it first, and those words will now be in dictionaries. Secondly, crackers can auto-substitute characters in wordlists.