I would never remember "battery horse correct staple" either and would have to write it down. But then I don't even know my own phone number and have to think hard to remember my SS#.
I think I'm going to really think hard about this pass phrase thing because I can't think of any that would be short enough to use with most of the password logins that are required.
I once dated someone who used Greek words, split them in half, inverted them and used alphanumerics. That seems safe, yes? But then again not so much if you can guess what kind of Greek words he'd be using.
In Algorithmic Information Theory, there's the concept of how much information is hidden in a string of bits and it's defined as the shortest computer program that would generate the string (a program being a string of bits, too, and if a string had no internal structure to give it away, the generating string would have to contain the generated string. See also Kolmogorov Complexity.)
Ultimately, though, the choice of descriptive languages can make any given finite set of complex strings simple.
You want a password that is sufficiently complex and simultaneously memorable (according to the description language of your memory). To make these non-contradictory constraints is to declare that your memory is organized in a way that makes it (sufficiently) different from that of a password cracker.
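An added example, not part of any poster's comment: the description-language point above, measured as bits needed to describe a password under a per-character language versus a word-list language. The function names are hypothetical, the word set is a constructed sample, and the 2048-word list size is an assumption.

```python
import math
import string

# Constructed sample: a few entries standing in for an assumed 2048-word list.
SAMPLE_WORDS = {"correct", "horse", "battery", "staple", "cor", "rect"}
ASSUMED_LIST_SIZE = 2048  # assumption, not a figure from the thread

def char_model_bits(pw):
    """Description length when each character is drawn from the classes used."""
    classes = [string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation]
    alphabet = sum(len(c) for c in classes if any(ch in c for ch in pw))
    return len(pw) * math.log2(alphabet) if alphabet else 0.0

def fewest_words(pw, words=SAMPLE_WORDS):
    """Fewest list words that concatenate to pw, or None if no split exists."""
    best = [0] + [None] * len(pw)  # best[i]: fewest words spelling pw[:i]
    for i in range(1, len(pw) + 1):
        for j in range(i):
            if best[j] is not None and pw[j:i] in words:
                if best[i] is None or best[j] + 1 < best[i]:
                    best[i] = best[j] + 1
    return best[len(pw)]

def word_model_bits(pw, list_size=ASSUMED_LIST_SIZE):
    """Description length when pw is a sequence of indexes into the word list."""
    k = fewest_words(pw)
    return None if k is None else k * math.log2(list_size)

def shortest_description_bits(pw):
    """A guesser uses whichever language describes the string most briefly."""
    candidates = [char_model_bits(pw)]
    w = word_model_bits(pw)
    if w is not None:
        candidates.append(w)
    return min(candidates)

if __name__ == "__main__":
    # The 25-letter phrase looks stronger than 12 random letters only
    # under the per-character language.
    for pw in ("correcthorsebatterystaple", "qzvkxjwpyhgt"):
        print(pw, round(char_model_bits(pw), 1), word_model_bits(pw),
              round(shortest_description_bits(pw), 1))
```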
I figure any password that is sufficiently obscure as to be reasonably strong is too difficult to remember, given the appalling state of my memory. After over six years, I still can't remember my 7-digit employee number, so what hope do I have of remembering a decent password?