As some of you may know (I blogged, a year ago), we generate easy to remember, but long, passwords for various systems. The entropy in these is high (see xkcd/936 for details). The beauty of them is that they are easy to remember as they are constructed from real words.
We have some nice long word lists and have even organised them as adjectives followed by nouns to make them even easier to remember. The word lists are longer than those suggested by Randall. But even if you had the exact word lists we use, you would still have very high entropy in the passwords. We even use a true random number generator (because we can).
There is, however, a problem, a side effect Randall did not explain. It is not just rude words (which are not too hard to eliminate from the word list) but word combinations that can be offensive.
One we noticed today, and have re-generated, is "starvingchildstillebony". None of those words are a problem on their own, but together they may be offensive.
There are some real gems that come up. But, of course, there are even more complex cases where we do not punctuate the words. I saw on Facebook a hashtag of #susanalbumparty which is a bit "sus" to say the least. I suspect the word "therapist" is in our list as well...
Anyway, I think our customers are suitably understanding that a random number generator cannot really be out to get them, and they can just click to regenerate a new password.
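As an added illustration (not code from the original post or our generator), here is a small adjective+noun generator in the style described above. It draws words with a CSPRNG, checks the *joined* string against a denylist of substrings (which is what catches cases like "therapist" reading as "the rapist" once the words run together), regenerates on a hit, and compares the raw entropy with the exact entropy after filtering. The word lists and denylist are constructed samples; the real lists are much longer.

```python
import itertools
import math
import secrets

# Constructed sample lists (the real lists are far longer; assumption for illustration).
ADJECTIVES = ["starving", "purple", "quiet", "brave", "rusty", "gentle", "hollow", "still"]
NOUNS = ["child", "album", "river", "lantern", "ebony", "party", "therapist", "pebble"]
# Constructed denylist of substrings that must not appear in the joined password.
# It covers single rude words and word combinations that only become a problem
# when run together without punctuation.
BLOCKED = ["rapist", "starvingchild"]
PAIRS = 2  # adjective+noun pairs per password, e.g. "starvingchildstillebony"

def is_acceptable(words):
    """Reject a candidate if any blocked substring appears in the joined form.
    Checking the joined string, not each word, is what catches 'the' + 'rapist'."""
    joined = "".join(words)
    return not any(bad in joined for bad in BLOCKED)

def generate(pairs=PAIRS, max_tries=100):
    """Draw adjective/noun pairs with a CSPRNG and regenerate on an unacceptable hit."""
    for _ in range(max_tries):
        words = []
        for _ in range(pairs):
            words.append(secrets.choice(ADJECTIVES))
            words.append(secrets.choice(NOUNS))
        if is_acceptable(words):
            return "".join(words)
    raise RuntimeError("denylist rejects too much of the space; review the lists")

def raw_entropy_bits(pairs=PAIRS):
    """Entropy with no filtering: each pair contributes log2(|adjectives| * |nouns|)."""
    return pairs * (math.log2(len(ADJECTIVES)) + math.log2(len(NOUNS)))

def accepted_count(pairs=PAIRS):
    """Number of passwords the denylist lets through (brute force; fine for small lists)."""
    slots = [ADJECTIVES, NOUNS] * pairs
    return sum(1 for combo in itertools.product(*slots) if is_acceptable(combo))

def filtered_entropy_bits(pairs=PAIRS):
    """Exact entropy of a uniform draw over the accepted passwords only."""
    return math.log2(accepted_count(pairs))

if __name__ == "__main__":
    print(generate())
    print(f"raw: {raw_entropy_bits():.2f} bits, after filtering: {filtered_entropy_bits():.2f} bits")
```

With these sample lists the denylist removes 9 of the 64 combinations per pair, so the entropy drops from 12.00 to about 11.56 bits; with the long lists the post describes, the loss from a short denylist is negligible.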