I find that we need to reinvent passwords. If you write a long sentence of twenty words and you miss some letters the passwords should still match somehow. Currently I can't imagine using long phrases for passwords as a small change invalidates the whole thing./