That XKCD comic is good advice. But use a long enough passphrase.
Also, he's being (very) conservative. In other words, he's assuming a very fast password cracker. Roughly speaking, he has a wordlist of ~8070 words, which works out to ~13 bits of entropy / word. Which implies at 3My to crack 7 words he's assuming ~26 trillion (!) password hashes per second.
That's potentially realistic if you're using a fast hash - but you should be using something that's slow (and memory-constrained) for a password hash.
The way password crackers work now, it is quite easy to crack passwords that are combinations of words, even with alphanumeric substitution. The best passwords are completely random, and 24+ characters.
This threw me off as well, I think you are suppose to use the first chart if your password was generated randomly and the second chart if you used words. I am not 100 percent sure though.
Is https://xkcd.com/936/ bad advice?