On password strength - this is very bad advice! Modern password crackers rely on dictionaries making passphrases actually less secure. Brute force techniques are far more sophisticated than what is explained in the meme. I recommend watching this video to get an idea: youtube.com/watch?v=zUM7i8fsf0g
Thanks Jonathan I'll check it out. Intuitively, it seems like combining 4 or 5 words would mean even a dictionary attack would take an exponentially long time (x entries to the power of how many words you chose).
But then I suppose the quick scalability and immense power of systems like aws and azure, for example, can turn most complex tasks into trivial ones.
I forgot to mention, the video linked is pretty old and some of the advice for good password complexity is outdated, but it gives a decent idea of what a mildly sophisticated password attack would look like.
A passphrase would probably need to be 5 words or above (~50 000 common words ^ 5 = actual entropy, not as explained in the meme) to be more secure than a 12 character password (~71 character choices ^ 12 = entropy).
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.