There seems to be a thing about entropy you do not understand. The information on the password structure is part of the entropy as well as the actual contents that you fill the structure with. There is a function f that assigns to each possible password p a probability f(p) that a user would choose that password. The function is obviously unknown, and undecidable/uncalculatable, since it depends on the user, who is, in approximation, turing-equivalent. A perfect password bruteforce tool would try the passwords strictly in the order defined by f. However, since f can not be calculated, all password bruteforce tools can only use an approximation. One approximation would be 'a' 'b' 'c' 'd' ... 'z' 'aa' ..., but that approximation is obviously pretty bad. An other approximation would be a wordlist, followed by combining words, putting special characters in words, etc. An other approximation would be iterating over all words, but 'decompressing' with an algorithm as I have stated in my post above. That way, you would catch d0G..... pretty fast (at the same place where you would place a 9-character-password with the brute-force approach, or something like that). While crackers are certainly still far away from a good approximation of f, I can assure you that they are getting better and better. Using a low-entropy password such as d0G.... will only work until the cracker's approximation of f gets good enough (e.G. by self-learning AI, or simply the decompression algorithm I proposed). Hence, d0G.... might give you a feeling of false security, since its entropy is extremely low, but you hope the cracker does not know that passwords of such structure exist yet (now that you have posted the structure on slashdot... well... he certainly does. but even if you hadn't, if he uses the decompression approach, he can already crack it easily).