Periodic reminder:
Your password or passphrase is guessable if you created it from your mind. The only valid approach is to use a RANDOM NUMBER GENERATOR in a machine to create a password or passphrase.
And for the love of gods don't use the same password for more than one site/vendor!
@progo but then you have to trust a password manager... For all your passwords... And then you need an account to centrally store your passwords... Protected by one password... I'm not sold on this yet.
@philcolbourn Use a paper notebook then, and you can use dice and a base-six-numbered word list to generate passwords.
https://en.wikipedia.org/wiki/Diceware
Having it all in a paper notebook is low risk for most people, compared to all the network-based threats to your privacy.
@progo gut feel: this is a bad idea.
1) managing a notebook.
2) words have about 13 bits of entropy - about 2 characters worth. So for 12 character equivalent I'd need 6 words. At say 5 letters per word, that's a lot of typing on a phone keyboard.
3) some services have combination restrictions: length, capitals, numbers, dictionary words have been suggested, symbols, digits.
4) businesses running Microsoft network like combination restrictions and forced changing.
@philcolbourn
IMO typing words on a phone is much more frictionless than typing special characters (having to switch modes on your keyboard, along with all of the glancing back and forth to make sure you entered it correctly). Several words with conventional (or no) capitalization is much easier to type...
@progo
@everlastingrocks @progo agreed. I don't intend to enter them often - once browser has memorised them.