The Electronic Frontier Foundation has word lists you can use for this. They recommend dice to safeguard your picks from any system compromise you may have. If you're a little less paranoid about it, you can use this Google sheet I have prepared from the SOWPODS. Finally... DON'T change the pass phrase you make, unless you have a positive reason to believe it's been compromised. Changing passwords on a regular schedule makes people tend to use predictable passwords. And no good can come of that!