I've been following an interesting discussion taking place on Google Group whose members are technology leaders at regional independent schools. The conversations in this discussion are about the merits and challenges of multi-factor authentication (MFA) in a school environment (i.e. for students and/or teachers) and different ways to approach it when trying to balance smooth user experience with responsible security practices. One of the things that came up was password strength, and one member posted a link to the comic below.
I then started to check out other discussions on web forums about the broader perspectives on this password theory, and several posts pointed to various research on this topic. There is no conclusive evidence (yet?) or at least any certainty within the research that I looked at. What I did find find interesting is that there is a free, open source tool, for generating 4-word pass-phrases, inspired by the very comic above: correcthorsebatterystaple.net.