It depends on the size of the wordlist. The number of guesses an attacker must try is s^n * 0.5 where s is the size of the wordlist and n is the number of words in the passphrase. You should never create your own wordlists by "just picking random words" that come to mind. People are an extremely poor source of entropy. If the size of a wordlist is 66666 words, then 6 words in a passphrase is probably a sufficient amount.