I was watching a You tube video about a guy explaining the current situation regarding how good or bad passwords are.

Most people's are very bad!

The criminal world hacks places like Facebook, banks or anywhere they can get large amounts of passwords, these are encrypted but mostly not well enough anymore. Then they run them through computers that are made to crack them. The one he was using was at a university, was a custom built machine, not for cracking passwords but other uni research. It was about the size of a desktop pc but 3 times higher and was composed of a base computer with 4 high end video cards in it that do the work. These cards have several thousands fairly simple processors in them that are optimized to do simple operations over and over like mining bit coins or cracking and don't really cost that much to build. This particular one could brute force attack a list of encrypted 6 letter (which is or was the standard size) passwords at a rate of, wait for it 40,000,000,000/sec. That is not a mistake, the right number of zeros are present. After that the cracking methods get more complex, so using things like caps and common symbol's and mixing numbers don't work anymore but it does take longer to crack them but they do.

His recommendation is to use 4 common "unrelated" words (Like "cowbreadbeercoma" simpler to remember) with an underscore or symbol placed in one or more of the words ("cowbre_adbeerc&oma") at least 10 carters long, 16 is much better. this complicates the crack so much that even these fast cracking machines have problems. How long this will work???? A password manager that creates random 16 letter hashes is the best right now so you only have to remember one password but if you forget it or you 'puter goes up in smoke your buggered.

P.S. using one of the AULT/KEY letters not used on a regular keyboard will add another level of complexity, at least until they wise up to that one.

Be happy, don't worry - cause it won't help, better of offline anyway.