I was rather pleased with myself!
I have been changing all my passwords to easier to remember but supposedly harder to crack passwords. I had read, on good authority, that making a password longer was a better protection that using lots of funky characters. So for example, I set my gmail password to "when-i-need-to-send-mail". Nice and long. Also, sites that check a password for safety, tell me that's a good password. http://www.passwordmeter.com gives it a 100% - "Very Strong".
I admit that my inutition was confused. I was using common english words. Even though I have a lot of them and a long overall password length, it did feel like it was not as secure as the experts were telling me...
Shoot. Here we go again. Now it seems simple length is not good enough, occording to this article.
For the first time, the freely available password cracker ocl-Hashcat-plus is able to tackle passcodes with as many as 55 characters. It's an improvement that comes as more and more people are relying on long passcodes and phrases to protect their website accounts and other online assets.