Whenever I need new passwords I use some tools to generate those, preferable memorable passwords, but I've been wondering how secure this might actually be.

Using The xkcd random number generator is probably pretty bad, cat /dev/random is probably pretty good, but generating memorable passwords seems a bit more tricky.

Whenever a program generates a memorable password, it only uses a subset of the total password space available, and it is not clear to me how big this space is. Of course a long password should help in this case, but if the `memorable' part of the program is too predictable, your passwords are not very good in the end.

TL;DR: how secure are memorable password generators, given the fact that `memorable' passwords are a subset of total password space?

Some tools I know of:

• pwgen -- seems ok, but passwords are not too memorable
• Mac Password Assistant - generates memorable passwords but it is unclear to me how this works.