
Just to add to the above comment, a diceware passphrase is MUCH harder to break than most people realize. For example, compare the possible number of combinations:

  Diceware, 6 words          2.2 x 10^23
  Diceware, 5 words          2.8 x 10^19
  Diceware, 4 words          3.6 x 10^15
  a-zA-Z0-9, symbols, 10     4.3 x 10^19
  a-zA-Z0-9, 10char          8.4 x 10^17
  a-zA-Z0-9, 8char           2.2 x 10^15
A 6 word diceware phrase has 100 million more combinations than the 8 character alphanumeric.



You might wish to consider these in terms of entropy, which is typically given in bits:

    Diceware, 6 words          77 bits
    Diceware, 5 words          64 bits
    Diceware, 4 words          51 bits
    a-zA-Z0-9, symbols, 10     65 bits
    a-zA-Z0-9, 10char          59 bits
    a-zA-Z0-9, 8char           50 bits
For any remote site, I recommend using 22 characters from [a-zA-Z0-9]; this is 128 bits, and is easily copy-pasteable.

It's highly amusing when a site tells me that such a password is insufficiently complex, given that it will never in the lifetime of the universe be guessed.


A 6 word phrase is also over 3x as long as an 8char password.

The entropy calculations are probably generous. The wordlist isn't as long as it looks, because some of the words are strange and people tend to re-roll if they get something like that. It's probably better to assume there's only 1000-2000 "words" people will safely combine.


The instructions explicitly tell you not to reroll strange words. Look them up or use them as a mnemonic. Or if you don't like the strangeness in the default diceware word-list, find a word-list you like better. (There are several alternatives including fun ideas like using a foreign language word-list and learning the pronunciations and meanings of those words.)

Also, the combinations list assumes that the attacker knows the method/word-list used to generate the password, which may not be foreknowledge the attacker has access to, especially in cases of giant many account password brute forcing attacks.


If you are OK with such words, why not just record the raw dice numbers? Even better, reroll sixes and sum them to get more bits-per-character.


It should be clear that brute-forcing a passphrase is much more complicated than a PIN number, in the best case for you (worst case for an attacker).

Just because your passphrase may essentially be a PIN look up into a lookup table doesn't mean the attacker knows that or has access to the same lookup table.

You can also add additional entropy via punctuation or casing.

The point to a random passphrase is to try to avoid "human" mistakes like over favoring a subset of words, and rerolling words you don't like potentially makes your collection of passphrases more susceptible to analysis or social engineering (word association) attacks.

Like I said, it's generally better to pick a word-list you are comfortable with all the possible words than to subset a word-list you aren't entirely comfortable with.

The goal of something like Diceware is to be easy for humans to memorize but also still true random (see: xkcd's battery horse comic). If you don't need to memorize it, then yes, why not entirely generate a random sequence of letters/numbers/symbols/emoji.


This kind of assumes that you're trying to crack a password with the operating assumption that words are indeed not used, that every character is random, and that you wouldn't use some sort of word library to construct passwords.


No, it doesn't. It assumes that you know exactly that the password is a Diceware password. The standard word list has 7776 entries, giving 7776^6 ~ 2.2*10^23 combinations for a 6 word passphrase.
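
As an added example (not code from any commenter in the thread), this Python sketch derives the Diceware bit counts from the 7776-entry list, shows what a 6-word phrase is worth if only 1000-2000 words are effectively used, and draws a passphrase from simulated dice using the OS CSPRNG. The function names and the placeholder word list are assumptions made for illustration; substitute a real 7776-word list.

```python
import math
import secrets

DICE_PER_WORD = 5                 # standard Diceware: five rolls select one word
LIST_SIZE = 6 ** DICE_PER_WORD    # 7776 entries, as stated in the thread


def entropy_bits(choices: int, length: int) -> float:
    """Entropy in bits of `length` independent uniform picks from `choices` options."""
    return length * math.log2(choices)


def min_length(choices: int, target_bits: float) -> int:
    """Smallest number of uniform picks that reaches `target_bits`."""
    return math.ceil(target_bits / math.log2(choices))


def roll_index() -> int:
    """Simulate five fair dice with the CSPRNG and map them to a 0-based list index."""
    index = 0
    for _ in range(DICE_PER_WORD):
        index = index * 6 + secrets.randbelow(6)   # one die, values 0..5
    return index


def passphrase(wordlist: list[str], words: int = 6) -> str:
    """Pick `words` entries uniformly; every roll is kept, nothing is re-rolled."""
    if len(wordlist) != LIST_SIZE:
        raise ValueError(f"expected {LIST_SIZE} words, got {len(wordlist)}")
    return " ".join(wordlist[roll_index()] for _ in range(words))


# Constructed stand-in list (assumption); replace with a real 7776-word list.
PLACEHOLDER_WORDS = [f"word{i:04d}" for i in range(LIST_SIZE)]

if __name__ == "__main__":
    for n in (4, 5, 6):
        print(f"Diceware, {n} words: {entropy_bits(LIST_SIZE, n):.1f} bits")
    # Effect of only ever accepting a subset of the list (the re-rolling concern).
    for usable in (2000, 1000):
        print(f"6 words from {usable} usable: {entropy_bits(usable, 6):.1f} bits; "
              f"{min_length(usable, 77)} words needed to reach 77 bits")
    print("[a-zA-Z0-9] characters for 128 bits:", min_length(62, 128))
    print(passphrase(PLACEHOLDER_WORDS))
```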



