Excellent advice for generating and maintaining your passwords

Indeed. Using Wikipedia as a resource, adding a random word from a 7776-word dictionary adds ~13 bits of entropy, while adding a random character adds ~6 bits of entropy. Adding one character makes your password 2^6 = 64 times as hard to guess, while adding a word makes it 2^13 = 8192 times as hard to guess, or about the same as adding two random characters (and probably much easier to remember than any two random characters).

The problem is choosing a random word. “Love” is a random word. “iloveponiestails” is not a good random sequence. “uniformlovepurplehospitality” is better, but since I came up with that mentally, it’s probably still suspect. Diceware gives me “UnityMullOfMiltCupidChop” for ~78 bits of entropy, generated randomly. That is, an attacker could know that I used this website to generate the password from six random words, and it would still take them 221,073,919,720,733,000,000,000 attempts (that’s 221 septillion attempts, or ~700,000 years at 10 billion passwords per second). That’s if they know the word list that I started from.

Schneier is both right and wrong: He’s wrong in that, done properly, stringing together a bunch of random words is a really good way to pick memorable passwords. He’s right in that people will hear “pick four random words” and then string four words together that fit together, and thus will create an insecure password.

There’s not much you can do to prevent people from following well-written instructions poorly, but that’s no reason to criticize the instructions.
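The entropy arithmetic in the comment above, worked through in code. This is an added example, not part of the original post or of Diceware itself. It assumes the attacker's model stated above (the word list and word count are known, 10 billion guesses per second), uses a 64-symbol character set for the "random character" comparison, and substitutes a small constructed word list for the real 7776-entry Diceware list so that it runs offline; the entropy functions are parameterized by list size, so the numbers quoted above come out with 7776.

```python
"""Entropy of Diceware-style passphrases versus random characters.

Added example, not from the original post. Assumes the attacker knows the
word list and the number of words, so all strength comes from the random
selection. TOY_WORDLIST is a constructed stand-in; a real Diceware list has
6**5 == 7776 entries, each keyed by five dice rolls.
"""
import math
import secrets

DICEWARE_WORDS = 7776                 # 6**5 entries in the standard list
CHARSET_SIZE = 64                     # assumed: e.g. [A-Za-z0-9] plus two symbols
GUESSES_PER_SECOND = 10_000_000_000   # attacker model from the comment
SECONDS_PER_YEAR = 365.25 * 86400

# Constructed toy list for the runnable demo (not the real Diceware list).
TOY_WORDLIST = ["unity", "mull", "of", "milt", "cupid", "chop",
                "uniform", "love", "purple", "hospitality", "pony", "tail"]


def bits_per_symbol(alphabet_size: int) -> float:
    """Entropy in bits of one uniformly chosen symbol from an alphabet."""
    return math.log2(alphabet_size)


def entropy_bits(alphabet_size: int, count: int) -> float:
    """Entropy of `count` independent uniform draws; additive only because
    the draws are independent."""
    return count * bits_per_symbol(alphabet_size)


def guess_space(alphabet_size: int, count: int) -> int:
    """Exact number of candidates an attacker must try in the worst case."""
    return alphabet_size ** count


def years_to_exhaust(alphabet_size: int, count: int,
                     rate: float = GUESSES_PER_SECOND) -> float:
    """Wall-clock years to try every candidate at `rate` guesses/second."""
    return guess_space(alphabet_size, count) / rate / SECONDS_PER_YEAR


def chars_equivalent_to_words(n_words: int,
                              words: int = DICEWARE_WORDS,
                              charset: int = CHARSET_SIZE) -> float:
    """How many random characters carry the same entropy as n_words words."""
    return entropy_bits(words, n_words) / bits_per_symbol(charset)


def roll_diceware_key() -> str:
    """Five cryptographically random dice rolls, e.g. '36215': the index used
    to look a word up in a real Diceware list. Uses secrets, never random."""
    return "".join(str(secrets.randbelow(6) + 1) for _ in range(5))


def generate_passphrase(wordlist: list, n_words: int) -> list:
    """Pick n_words uniformly and independently (with replacement) from the
    list with a CSPRNG. A human picking words that 'fit together' destroys
    the independence that the entropy figures above rely on."""
    return [secrets.choice(wordlist) for _ in range(n_words)]


if __name__ == "__main__":
    print(f"one word from {DICEWARE_WORDS}: {bits_per_symbol(DICEWARE_WORDS):.2f} bits")
    print(f"one char from {CHARSET_SIZE}:   {bits_per_symbol(CHARSET_SIZE):.2f} bits")
    print(f"one word ~= {chars_equivalent_to_words(1):.2f} random characters")
    print(f"six words: {entropy_bits(DICEWARE_WORDS, 6):.1f} bits, "
          f"{guess_space(DICEWARE_WORDS, 6):,} guesses, "
          f"~{years_to_exhaust(DICEWARE_WORDS, 6):,.0f} years at 1e10/s")
    print("dice key:", roll_diceware_key())
    words = generate_passphrase(TOY_WORDLIST, 6)
    print("passphrase:", "".join(w.capitalize() for w in words))
```

The point the numbers make is that `guess_space(7776, 6)` is the same whether or not the attacker knows the list; only the uniformity and independence of the draws matter, which is why `generate_passphrase` uses `secrets` rather than `random` or a human's choice.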