Passwords that contain multiple words aren't as resistant as some researchers expected to certain types of cracking attacks, mainly because users frequently pick phrases that occur regularly in everyday speech, a recently published paper concludes.
Thus is revealed the true message of XKCD #936:
i love jesus is just as awful as a password as
jesus123. This is why I use nonsense passwords.
I should probably look at developing Screttler again.
NB: the original paper is here.