
eric_bullington | 7 years ago

Exactly. The attacker would have to try a word-based attack to benefit from the ~7 hour time-to-crack.

So I disagree with the article's advice: "Don't use words in passwords. Ever." Yes, you should use caution when using words in a password, but even if you use a password manager, a 5- or 6-word diceware password is ideal. Even better if you stick on a 4-digit numeric "salt" to your diceware passwords.

But yes, I do agree that a 3-word password is too short (~33 bits of entropy[1]). It should be at least 5 words (~55 bits). And you really need at least 6 words (~66 bits, obviously) for a master password.

[1] Using EFF's user-friendly, ~1200-word list for diceware.
