And if you did, you would almost certainly write it down, or have it stored somewhere so you didn’t have to remember it.
The point of the XKCD cartoon, as I understand it, is to consider passwords that a human being could remember without writing down.
94^8<10^{16} which may be acceptable for some purposes (e.g., if each access attempt takes 1 second), but I would not go so far as to call that a ludicrously large number of passwords. That’s like 54 bits.
You can memorize 8 nonce characters without writing it down, but the point is that it is much easier to memorize words from an equivalently large or larger keyspace.
ETA I just looked at one sample password generator; there are several lists of words designed for use with dice, e.g. the short list has 6^4 words, a couple longer lists have 6^5. The default is to pick 5 words.
Example short password (roughly comparable to 8 printable ASCII, with 6^{20} possibilities):
thud-trout-chili-voice-owl. Longer/slightly more secure (6^{25}): movie-tight-etc-fifth-raven
And really the most important thing is to use different passwords for different sites.
Some site is storing your password in plain text, or a reversible hash. When that site gets hacked, all of your other accounts are vulnerable, regardless of how good the password is.
Use a password manager, with a good pass phrase to unlock it, and then truly random passwords for all of the other places.
If you can’t be bothered to use a password manager, then write them down. That might be poor physical security, but if the threat your defending against is a foreign bot army, the notepad by your computer is safe.
You switched the numbers around. 8 characters with 94 possibilities for each is 94^{8}, or 6\times 10^{15}.
OMG, you are right. My last comment, that the exponent is more important than the base, suggests by itself that length is more important than the number of possibilities. Brain cramp.
Right, which is why I question the word salad method.
The “length” of correcthorsebatterystaple is actually only 4, if you are using a dictionary to crack it.
There are about 170,000 words in English, or at least that’s how many the Oxford dictionary has.
So, we have 170,000^4. Now, that’s not a small number by any means, but it’s a bit smaller than 62^12, which would be a 12 digit password made up of capital and lowercase letters, along with numbers.
I found the Computerphile short videos on this topic very interesting:
Password cracking: This discusses the software tools for hacking passwords and why certain passwords are easier to crack than others.
How to choose a password: Obviously some advice on how to pick a password, though he concludes to just use a password manager
The conclusions are similar to the XKCD, in fact I think he mentions the comic at one point.
If my password is literally a full and complete 7 word sentence from a movie, is that a good or bad thing for security purposes?
62^12 is a 12-digit password made up of capitals, lowercases, and numbers, if you pick every one of those characters at random. But the problem is that almost nobody does that, and even if you did, it would be extremely difficult to memorize. What most people do instead is take some word and replace a few of the letters with similar-looking numbers, like 4 for A, 1 for I, or 0 for O. And that gives you a much, much smaller number of passwords.
All any of this show is that by using some combination of:
are far more effective than password alone. MFA alone reduces hacking by a factor of about 1000x. CA uses location and other factors to block access if you are not where it thinks you should be. RL prevents the use of rainbow tables by preventing more than, for example, 5 attempts in 10 minutes. Figuring out H0rs3 vs horse is tough when 94 x 10e5 takes years.
Don’t play that game! 
Meaningless. The vast majority of those 170,000 words are obscure and not in people’s vocabulary. People are going to use words from the few thousand most common words.
But it would really be 4000^4, which is way smaller.
Exactly. This is the crux of the XKCD argument. He asserts that a ‘traditional’ password only has 2^28 practical choices (with some leeway that it could be a few bits higher – maybe 2^32 for example). This is based on using a single uncommon word from one of 2^16 choices.
Whereas his suggestion is to use 4 common words with a common word having 2^11 choices. So the XKCD method has 2048^4 or 2^44 choices.
A completely random 8 character password might have 96^8 or about 2^52 choices, but you’d have to write it down.
It’s not hard to get the XKCD method to that level – optionally capitalize all of the words and use one of 10 word separators. Or just use 5 words.
.
A compromise perhaps would be to use the “traditional” method but combine 2 words or a phrase. For example, GoneWiththeWind could be G0n3With7h3W1nd! or maybe Gone1With2the3Wind if you’re not into leet-speek. Between random capitals, inserted numbers or punctuation, or whatever - the entropy goes up significantly while not detracting from the memorability. Plus there’s mixing it up - 2B0rNOT2Be!? as an example. “January Suborbital Denomination” still sticks in my mind as a speech recognition password from Mission Impossible in the 1960s. Until this post, it was probably not a candidate. When you get to that level of vocabulary, I suspect the standard “a well read person has a vocabulary of 10,000 words” no longer applies.
The key point is to not tell others what your technique is. The key to decoding Enigma, for example, was to get their hands on an actual machine and see what it did. ,and the Germans relied on the same technology throughout the war.
As for tries - unless the bad guys have stolen the hashed database of the compromised website, we sincerely hope websites are smart enough to lock out an account after X bad tries. (Someone I knew figured out, for example, that many years ago the IBM VM/CMS flaw was that it reset the counter after each good try, so try 9 times then login with a valid account, logout, and try again 8 times, etc.) Another trick websites could use is to delay the approval of good or bad logins with a second or two delay. 2^44 choices at 1 second apiece is an appreciable time. (half a million years?)
It’s been about a decade since I’ve seen remote login attempts to Windows servers in bulk (usually from China or Romania). Modern firewalls have curtailed that opportunity, as has Microsoft.
The thing nobody mentions is - the more complex the password requirements, the less easy to pick another each month. One fellow I knew did a rotation like Eleven11 Twelve12 Thirteen13 etc. except the word part was in his native tongue, not English. Add in foreign words, and you add an order of magnitude to the issue (don’t know which language? Huh!). Add in proper names, place names, dates - all combined for obscurity - and the complexity increases even more. If my birthdate is - to pick a random date, its not - May 16, 1993 - there are probably dozens of ways to write that one date, order with or without punctuation using underscore or dash or = or $ for separators, or full words for month and day, or spell out numbers, etc…
Sort of like the engineering and compsci joke - “It’s impossible to make things idiot-proof because idiots are so clever…”
If you know someone’s technique, it’s a huge step toward cracking a password.
This is the critical problem.
The entire premise of a lot of these password techniques is to prevent brute force or rainbow attacks on password databases. Nobody is attacking logins directly.
Therein lies the flaw to the XKCD technique. It becomes a known technique and thus yet another one to add to a list popular techniques to attack with. Thus its entropy drops.
The alternative of a password manger with lots of silly strong randomly generated passwords is much more secure. Unless your password manager database is stolen, then it reduces to the entropy of your master password.
It would be interesting to see some modern numbers on successful technical password attacks versus social engineering. After all, there is an XKCD for that too:
How do these password cracking bots get absurdly large numbers of tries to guess a password? The systems I’m used to lock me out if I use the wrong password a certain number of tries, usually 3 or 5, not billions or trillions.
I just ran Warnakulasuriya Patabendige Ushantha Joseph Chaminda Vaas (with spaces) into it. It will take 100 octovigintillion years.
Using just last name and initials (with spaces) takes a week.
The solution is obvious. Use full Sri Lankan names.
The perfect solution! Or some Welsh place names.