Re: Password fields need to be bigger.
I've always had a problem with the maths of that particular cartoon. It treats each word as a series of characters (plus common substitutions), be he actually states that passphrase be FOUR COMMON WORDS. Even if you tried all combinations of the top 2000 words, thats only 2000^4 = 1.6e+13 combinations. OK, thats only a smidge less than his 2^44 (1.8e+13), but I could easily prune that search tree with simple heuristics and word ordering. (I'm actually tempted to try this!). If the password is 8 random visible characters, thats 95^8 (6.6e+16).
I type in login many, many times a day, so it needs to be as quick to type as to remember. No way I'm having a 25 digit password no matter how easy to remember. The only use for this I can think of is that 'verified by visa' bollocks, which won't allow it anyway. Every time I need to use that, I can't remember my password, and every possible variation of my memorable passwords has already been used, apparently, leaving me with no choice but to set a new password every time, with even less likelihood of me remembering it. And all that is needed to change the password is my card details and my DoB, so some thief with my wallet would have no problem.
Anyway, my main point is that a sufficiently random 8 digit password will be hard to crack, and if you use it enough, your fingers will remember it, even if you don't.
Oh, and password managers are just a pointless single point of failure (that could go 'tits-up' [http://www.theregister.co.uk/2014/08/12/lastpass_outage/]), and if someone hacks that password, they own you, bitch.
And besides, who the fuck cares what your facebook or twitter password is? Generally speaking, the login password is not the weak link; unless you're a moron with a password like 'password1'
I could go on, but ...