Recent comments on posts in the blog:
Seth, thanks for your comment. Your example passwords are safe for banking (and overkill for casual websites), as long as you don't discuss your scheme. I've cut the examples out of your comment in case they reveal to much about your actual passwords. That's unlikely, but I'm being careful.
You're using repetitions of long patterns inserted into conventional passphrases, which makes your examples much stronger than the short patterns shown on Security Now 303 at 76 minutes (YouTube) and Steve Gibson's website.
But the repetition doesn't help because it makes more work for you faster than it makes more work for the attacker. Your examples are over 30 characters long. You could probably choose a 10 character password without repetition that's quicker to type, harder to attack and no harder to remember.
Sorry for my slow response. Comments here are currently moderated, and the comment system doesn't allow me to edit your comment, so I've reposted it after a long delay.
I've improved and expanded this post. I hope it's clearer now.
I read his article found @ https://www.grc.com/haystack.htm. It makes a lot of sense. But he did say not to just add periods into your password to make it longer, but to come up with your own padding and make sure you have at least 1 each upper case, lower case, number, and symbol. If you build your own padding that has all 4 elements and is at least 10 digits long, would that not be pretty secure? For example...
Are you saying that is an easy password to crack? I would love your followup thoughts on this.