wordlist

There are words in your password, resulting in ~ bits of entropy (~12.92 bits/word, ~10 bits/letter, and ~5.16 bits/symbol). That many words equates to a total keyspace of ~ possible phrases (7776^WordsInPhrase). An adversary might get lucky and guess your phrase on the first try, though the chances of that happening are very slim. On the other hand, the brute-force attacker might be forced to try all of the keys in the keyspace to finally find that the last guess was the correct one. On average, it takes trying 50% of all phrases in the keyspace to find your phrase. The time it takes to discover your passphrase is based on how many guesses per second your attacker can muster. At the lower end in 2016 a small cluster of GPU's have demonstrated the ability to crack ~350 billion hashes/second. A nation state actor like the NSA may be able to perform quadrillions/second. Conservatively assuming a professional adversary can guess passwords at the rate of a keys/second (Edward Snowden suggests being prepared for a Trillion guesses per second), an exhaustive brute-force search on 50% of the total keyspace might take:

~ seconds

~ minutes

~ hours

~ days

~ years

~ x avg. lifespan

~ millenia

~ x age Universe