only other note:

longevity matters! for example, short lived passwords are much less a risk than your home wifi password that is setup and the same for years and years...

do tourist locales (LVNV casinos and hotels) use strong passwords? no, but that's less a problem for them given the use case.

best regards,