The part where this falls flat is that using dictionary words is one of the first step in finding unsecured password. Starting with a character by character brute force might land you on a secure password eventually, but going by dictionary and common string is sure to land you on an unsecured password fast.
Even if an attacker knew that your password was exactly four words from a specific list of only 2048 common words, that password would still be more secure than something like Tr0ub4dor&3
The part where this falls flat is that using dictionary words is one of the first step in finding unsecured password. Starting with a character by character brute force might land you on a secure password eventually, but going by dictionary and common string is sure to land you on an unsecured password fast.
Even if an attacker knew that your password was exactly four words from a specific list of only 2048 common words, that password would still be more secure than something like
Tr0ub4dor&3https://www.explainxkcd.com/wiki/index.php/936:_Password_Strength
That’d why words are from the eff long word list and there are 6 words