Dictionary attacks have been around for a long time, but It’s still quite strong especially if you throw in a number.
A fully random 8 character password has about 10^14 brute force combinations (assuming upper and lower case + the normal special characters). 4 words choosen at random from the top 3000 words (which is a very small vocabulary really) is 10^13 dictionary attack combinations, add a single number or account for variations in word style (I.e maybe don’t always use camel case) and you’ve matched the difficulty. If you use 5 words it’s 10^17 combinations.
A password manager and a hard password is a better idea but there are cases where you can’t use a password manager (like the password to said manager).
Dictionary attacks have been around for a long time, but It’s still quite strong especially if you throw in a number.
A fully random 8 character password has about 10^14 brute force combinations (assuming upper and lower case + the normal special characters). 4 words choosen at random from the top 3000 words (which is a very small vocabulary really) is 10^13 dictionary attack combinations, add a single number or account for variations in word style (I.e maybe don’t always use camel case) and you’ve matched the difficulty. If you use 5 words it’s 10^17 combinations.
A password manager and a hard password is a better idea but there are cases where you can’t use a password manager (like the password to said manager).
I’m a basic little shit so, I basically use a correct horse + number password for my PW manager