I also discovered the password strength estimator zxcvbn at about the same time. It's pretty clever. It works out which password generation schemes could be used to generate your password and then uses that information to calculate the entropy correctly (assuming the attacker would know what scheme you used).
I think that if you implement Diceware at your company, people will still choose their own passwords. It's easier, and how would you prove they didn't?
It's identical to the one that ships with the EFF's OpenWireless router firmware.
I hope it doesn't have security problems. But feel free to prove me wrong!
Going to all this trouble to generate an admittedly excellently secure password continues to pass the burden of good passwords on to the end user whilst doing nothing to alleviate the core problem, namely that I have to regularly use about 10-20 passwords each day.
My preferred solution is www.passwordchart.com
In this, I select one very good password/passphrase (for which I could use this method) and then I use an indicator of where I'm logging in to generate site/program-specific passwords, e.g.,
Phrase: cleft cam synod lacy yr wok
Generates: yb63476F9xk6RjGVyp6yp6Hj8347b6y (with +Include Numbers ticked)
Generates: yb6347963m6mj963963RjfRd347b6y (with +Include Numbers ticked)
So, for my remembering one complex passphrase and one strategy for generating passwords, I can generate strong, complex passwords for any site I need and don't have to remember a single one of them. The only prerequisite I have to get into a site on another machine from my own is that I have internet access (or have a printed copy of the matrix, or something like that).
(My dependence on this website is the one weak link in this, and I have actually implemented something similar on my own webspace that I just need to tweak usability for a bit before I switch over.)
1. Your twitter password leaks information about your facebook password. E.g., "e" is encoded as "Rj" in both of them.
2. If an attacker gets hold of your twitter generated password and assumes "twitter" is encrypted somewhere inside, he now knows how you encode "t", "w", "i", "e" and "r" in your other passwords. Numbers are easy to guess or brute-force.
3. It's too tempting to just add a number to the password in order to change a generated password for some site. But the generated password barely changes (and remember that the attacker could know how you encrypt numbers):
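Added example, not code from the thread or from passwordchart.com: a constructed per-letter chart scheme standing in for the site's mechanism, a function that measures how much of a second site's password the first one already fixes (points 1 and 2), a check of how little adding a digit changes the output (point 3), and a keyed-hash derivation beside it that has none of that per-letter structure. The chart construction, the 2-character chunk width and the site names are assumptions.

```python
import hashlib
import hmac
import string
from base64 import b64encode

ALPHABET = string.ascii_lowercase + string.digits
CHUNK_POOL = string.ascii_letters + string.digits
WIDTH = 2  # output characters emitted per input character (assumed)


def build_chart(passphrase: str) -> dict[str, str]:
    """Constructed stand-in for the chart: each input character gets one fixed
    chunk derived from the passphrase (assumed model, not the site's code)."""
    chart = {}
    for ch in ALPHABET:
        h = hashlib.sha256(f"{passphrase}|{ch}".encode()).digest()
        chart[ch] = CHUNK_POOL[h[0] % len(CHUNK_POOL)] + CHUNK_POOL[h[1] % len(CHUNK_POOL)]
    return chart


def chart_password(passphrase: str, site: str) -> str:
    """Chunk-by-chunk substitution: the property the critique above is about."""
    chart = build_chart(passphrase)
    return "".join(chart[c] for c in site.lower() if c in chart)


def recover_chart(site: str, password: str) -> dict[str, str]:
    """One known (site, generated password) pair reads the chunk for each letter back."""
    return {c: password[i * WIDTH:(i + 1) * WIDTH] for i, c in enumerate(site.lower())}


def determined_fraction(known_site: str, known_pw: str, target_site: str) -> float:
    """Share of the target site's chunks already fixed by what the known pair reveals."""
    known = recover_chart(known_site, known_pw)
    target = target_site.lower()
    return sum(c in known for c in target) / len(target)


def hmac_password(passphrase: str, site: str, length: int = 20) -> str:
    """Keyed-hash alternative: every output character depends on the whole site name."""
    tag = hmac.new(passphrase.encode(), site.lower().encode(), hashlib.sha256).digest()
    return b64encode(tag).decode()[:length]


def common_prefix_len(a: str, b: str) -> int:
    """Length of the shared prefix; long for the chart scheme when a digit is appended."""
    n = 0
    for x, y in zip(a, b):
        if x != y:
            break
        n += 1
    return n
```

With the chart scheme, the twitter password fixes one eighth of the facebook password (the "e" chunk) and appending a digit leaves the first 14 characters unchanged; the HMAC output for "twitter1" shares no structure with that for "twitter".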
Microsoft is one of the biggest offenders of this issue.