Passphrases are supposed to be safer than simple passwords in that they are much, much longer than typical passwords, so a brute force attack becomes exponentially* more difficult. Unfortunately, brute force attacks aren’t the only type of attack. More complex dictionaries are incorporating passphrases, meaning that if you have some permutation of a relatively common saying as your passphrase, it might be in a dictionary.
Here’s where I prefer having one nice, secure password (which does not come from common literature) and a whole mess of auto-generated passwords stored in a password wallet.
* – In the literal sense of the term, not the sense that most people use.