Sure, I agree with you if it’s a password that I expect to have that use case (e.g. streaming service, home wifi network). Most of my passwords don’t though.
As a side note, assuming that they’re equivalent length I would argue that a random password is more secure than a passphrase (of equal length) composed of dictionary words because it’s more resistant to dictionary-based password cracking. That said, the point is moot. As xkcd has shown us, length is the main thing that matters. There’s effectively no difference in practice. I always tell people “the longer the better” in either case and I recommend passphrases for secrets that have to be memorized or typed.
That said, I think an acceptable medium would be to use a passphrase, like you’re suggesting, for a situation where entering it via a controller or remote is a legitimate use case. In fact, my password manager lets me pick and can generate passphrases or passwords. Not sure if that’s a feature in KeePass.
For the rest of the time when I don’t need the use case, I’ll simply generate a long random password using my password manager. It’s a faster workflow integrated into the tool itself and theoretically more secure against some attacks.
Sure, I agree with you if it’s a password that I expect to have that use case (e.g. streaming service, home wifi network). Most of my passwords don’t though.
As a side note, assuming that they’re equivalent length I would argue that a random password is more secure than a passphrase (of equal length) composed of dictionary words because it’s more resistant to dictionary-based password cracking. That said, the point is moot. As xkcd has shown us, length is the main thing that matters. There’s effectively no difference in practice. I always tell people “the longer the better” in either case and I recommend passphrases for secrets that have to be memorized or typed.
That said, I think an acceptable medium would be to use a passphrase, like you’re suggesting, for a situation where entering it via a controller or remote is a legitimate use case. In fact, my password manager lets me pick and can generate passphrases or passwords. Not sure if that’s a feature in KeePass.
For the rest of the time when I don’t need the use case, I’ll simply generate a long random password using my password manager. It’s a faster workflow integrated into the tool itself and theoretically more secure against some attacks.