XKCD 936 Fires Back: Truncated Passwords
For years, I've chosen my passwords based on XKCD 936, which suggests that a combination of random words provides more entropy than short, random gibberish.
However, this approach once caused an issue during a computer science course. I needed an account on the institute's machines, so I set up the password following my usual method. The next day, they contacted me about a security problem. They had tried to crack the passwords overnight and found mine was just a simple word.
I explained that my password was more than 20 characters long, making it highly unlikely to be brute-forced. Their system was truncating passwords to six characters due to a database issue. Coincidentally, my XKCD 936 password included a common word from their wordlist.
Since then, I've started adding extra entropy to the beginning of my passwords for such weird password storage practices. I also reminded them to fix their security setup.