Discussion of Passphrase Entropy and Entropy Estimation Tools

Feel free to disengage at any time. I’m writing to educate other readers, not to try to convince you to change your mind. With regard to your parting shot above, I don’t think it’s deserved. I have been civil throughout, and to the extent you believe my arguments are strawmen, this appears to be the result of misunderstanding on your part or mine, not of any intentional effort to stray from the main point.

I will not attempt a retort to your first point, but suffice it to say that my original argument was just pointing out that a conditional with a false antecedent results in what is sometimes termed a vacuous truth (i.e., P → Q is always True when P is False).

Here, I will just focus on what I believe to be the crux of our disagreement: the validity of the antecedent (which I will rephrase as “There exists a non-random scheme that cannot be guessed in less time than would be required to brute-force the generated password”). I do understand that you consider this to be the case.

My own opinion, which I am restating here to clarify the position I’ve tried to get across in the posts above (not to attempt to goad you into further argument) is as follows:

  • The validity of the antecedent cannot be guaranteed. Consequently, it is possible that it may be false, in which case your generated password is weak.

  • Because the validity of the antecedent cannot be guaranteed, you will never know whether your generated password is strong.

So the case I am making to readers of this thread is simply that randomly generated passphrases are preferable to non-random passphrases, because the strength of the former is guaranteed (and therefore also knowable).
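The post's closing claim, that the strength of a randomly generated passphrase is knowable, follows from the fact that its entropy is a property of the generation process (wordlist size and word count), not of the resulting string. The following is an added example, not code from any participant in this thread: it generates a passphrase with the operating system's CSPRNG via `secrets.choice` and computes its entropy as `k * log2(N)`. The small wordlist is constructed for illustration; a real Diceware-style list has 7776 entries, which is the size used in the helper calls.

```python
import math
import secrets

# Constructed sample wordlist for the demo. A real Diceware list has 7776 words;
# the entropy calculation below depends only on the list size, not its contents.
SAMPLE_WORDLIST = [
    "anchor", "basil", "copper", "dune", "ember", "falcon", "garnet", "hollow",
    "ivory", "juniper", "kestrel", "lumen", "marble", "nectar", "orbit", "pebble",
]

DICEWARE_LIST_SIZE = 7776  # 6**5 entries, indexed by five dice rolls


def passphrase_entropy_bits(wordlist_size: int, num_words: int) -> float:
    """Entropy of a passphrase built by sampling num_words words uniformly,
    with replacement, from a list of wordlist_size entries: log2(N ** k).

    This is knowable because the sampling is uniform. No equivalent figure
    exists for a human-chosen phrase, which is why estimation tools can only
    bound it from above.
    """
    if wordlist_size < 2 or num_words < 1:
        raise ValueError("need at least two words to choose from and one to pick")
    return num_words * math.log2(wordlist_size)


def generate_passphrase(wordlist: list[str], num_words: int) -> str:
    """Pick num_words words with a CSPRNG (secrets), joined by spaces.
    secrets.choice is uniform over the list, which is what makes the
    entropy figure above valid for the output."""
    return " ".join(secrets.choice(wordlist) for _ in range(num_words))


def words_needed(wordlist_size: int, target_bits: float) -> int:
    """Smallest word count whose entropy reaches target_bits."""
    return math.ceil(target_bits / math.log2(wordlist_size))


def expected_guesses(entropy_bits: float) -> float:
    """Average number of guesses to find a uniformly chosen secret: half the space."""
    return 2 ** (entropy_bits - 1)


def expected_seconds(entropy_bits: float, guesses_per_second: float) -> float:
    """Expected wall-clock time for an attacker at the given guess rate.
    The rate is an assumption supplied by the caller, not a measured value."""
    return expected_guesses(entropy_bits) / guesses_per_second


if __name__ == "__main__":
    bits = passphrase_entropy_bits(DICEWARE_LIST_SIZE, 6)
    print(f"6 Diceware words: {bits:.2f} bits")
    print(f"words for 80 bits: {words_needed(DICEWARE_LIST_SIZE, 80)}")
    # Demo passphrase from the constructed list (4 bits per word, 16 words).
    print("sample:", generate_passphrase(SAMPLE_WORDLIST, 6))
```

The point the numbers make: six words from a 7776-entry list give about 77.5 bits regardless of which words came up, so a phrase like the example output and a phrase that merely looks random are distinguished only by how they were produced, which is exactly what an entropy estimator looking at the string alone cannot see.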