I am getting more and more paranoid about this. Lately I have started to
use an application called 1Passwd (which also includes a FireFox plug in.)
Anyway. check out this
post from Schneier on Security:
"[snip...] So if you want your password to be hard to guess, you should
choose something not on any of the root or appendage lists. You should
mix upper and lowercase in the middle of your root. You should add
numbers and symbols in the middle of your root, not as common
substitutions. Or drop your appendage in the middle of your root. Or use
two roots with an appendage in the middle.[snip...]"
Read the whole thing!