IDG Answers is a community of experts who are passionate about technology. Ask a question or answer one below.
Why not use both complexity and length?
I use the KeePass app to save login info and copy it between my laptop and phone, and desktop when I use one. I use it because I possess the data, it's not in the cloud somewhere - I also have it on a USB stick (and yes, it is password-protected too). Some devs will give you an exported KeePass db and its password separately when transferring sensitive logins (db connections, superusers etc).
KeePass also tells you how secure a password is before you save it:
DxitLOazKJEGvjo 15 letters is 86bits
8ZzEm6IMON4H0su adding numerals is not much more secure, 87 bits
jIsrk;QRlq8@&Bi adding special characters is 99 bits
C1!x0 reducing that to 5 characters it's 32 bits
kNJWt letters only is 29 bits, so for a short PW the complexity is not adding much
explain xkcd says length is more important than complexity; and that was demonstated by my examples
more info on Wikipedia