said by redxii:I sort of do the same thing, but most of the important websites I use (bank, insurance, etc; they are big names everyone knows) impose asinine limitations, such as low max character limits around 12 and unable to use special characters.
That goes right back to the password lockout policy.
That needs to be factored into the relative strength of a password at a practical or real world level.
I'm not aware of any financial site that doesn't utilize an account lockout policy.
Take a financial site that doesn't have one in place add a script, a dictionary, & that complex password is a lot less secure than a simple eight character password protected by a lockout policy.