When you’re creating an Internet password, it would be wise to make sure you don’t talk too good.
A new Carnegie Mellon study reveals that using grammatical structures in passwords—such as “youwillnevercrackthispassword”—can easily be cracked. Using Google Web Corpus (and not some sophisticated password cracker), the Carnegie Mellon team was able to break more long passwords when they were grammatically correct.
The study also showed that the strength of a password doesn’t necessarily increase commensurate with the password’s length.
for the full report.