Originally Posted by Rainrider
|
I always thought that was some flawed logic. It's not 44 bits of entropy when you're using a dictionary attack that checks for combinations of 3-5 existing words.
My passwords are usually based on phrases that are easy to remember depending on what the password is for, and then abbreviated, with some letters replaces by numbers, or uppercase/lowercase. It's not that difficult to remember.