Three random words:
- probably too constrained a space and some argue easy to dictionary attack as a hash.
- doesn't hit the complexity password rules without character substitution.
So add 'magic word' from a key phrase (My mate Boris -> Mm6)
Always prefix or suffix your three words with your magic word and punctuation : you subvert the attack space away from a straight dictionary space and meet the complexity requirements.
PLUS using regular words makes typing easier than 16 truly random characters and punctuation marks.
PLUS if you have sufficient trust in your magic word you can write down the _other_ words in an ordinary notebook (or app).
So:
Mm6=antimony+arsenic+aluminum
Mm6=taken+three+bottles
This is my 'granny' solution. It doesn't need a password app, and Granny can understand it. (YGMV - Your Granny May Vary).