Nowadays, most people use password managers (hopefully). However, there are still some passwords that you need to memorize, like master password (for a password manager), phone lock, wifi password, etc.
Security wise, can passphrase reach the strength of a good password without getting so long that it defeats the purpose of even using it?
I was thinking it would be easy to brute force if just instead of guessing character by character you do word by word…but I guess just adding one special character randomly would make it a non issue.
There are a lot more words than there are characters, even including special characters, so if it is actually randomly generated from a large dictionary, a passphrase is much harder to guess
Brute force is only a thing when either they have the password hash, or the login portal is susceptible to brute force (ie shite). Both cases are rare.