In fact, the author's article makes this very point, which is why I pointed out the logical flaw in the thinking.
I'll reduce N to 6 for simplifying the author's absurd example but it can expand to any N.
If we take the argument to hold that you roll a random die of N length (6 in our case) and the upperbound represents one strong password, while all other values equate to the word "password", the flaw is in how this logic is applied.
Imagine this is our set of possible values:
password, password, password, password, password, hj5^@l2jl9GGk;Clkm(0]
It makes little difference if you look at this as either the bytes involved in the entire set, or the average of all passwords within the set, it's going to come out looking like you are secure.
This means what they're attacking is all permutations of the following set of characters:
a, C, d, h, j, k, l, m, o, p, r, s, w, G, 0, 2, 5, 9, ;, ], @, ^, (
What an attacker must know though, is the character set used within, as well as the length. This is the logical flaw the author made in their analysis. For an attacker, the entropy of an individual string is taken as possible character permutations required to discover the true password and NOT permutations of the entire strings themselves.
If you look at the values for each string presented in our set, what an attacker has to attack is:
a, d, o, p, r, s, w
C, h, j, k, l, m, G, 0, 2, 5, 9, ;, ], @, ^, (
But in order to attack these, they need to try the full set:
a-z
a-zA-Z0-9;:[]!@#$%^&*(){}
One of these will be VASTLY easier to break.