I don’t have a problem with passphrases per se, but when people make them up via their noggin, they aren’t random and aren’t likely to include many obscure words. Using only common words dramatically reduces entropy. E.g., there are only 1 trillion passphrases of 4 words that can be constructed with the 1000 most common words, but a 12-character passphrase pulling from alphanumerics and the ~16 punctuation characters on your keyboard yield 50 sextillion permutations. That’s 50 thousand billion billion.
The argument I am making is that your average passphrase — yes, including "correct horse battery staple" — could be cracked a trillion times over before a password generated via 1Password would be!
The argument I am making is that your average passphrase — yes, including "correct horse battery staple" — could be cracked a trillion times over before a password generated via 1Password would be!