People ask me about security, and much of it is based on having good passwords. In general, one-time passwords are best. These change each time one logs in; YubiKeys and RSA IDs are examples. Two-factor schemes, typically one reusable and one ephemeral (e.g., an SMS text to your cell phone), are good too. When we're stuck with reusable passwords (using the same one again and again), picking good ones is critical. Good ones are both long and difficult to guess. Random is best, as we humans aren't as random as we first appear. As long, random passwords aren't memorable, we need password keepers. Firefox will remember passwords for you; I recommend you allow it to do this, but set a master password! I also recommend using KeePass from http://keepass.info/ for whichever platform you have.
So, let's do a little math. 26 lowercase letters, 26 uppercase letters, 10 digits, and 10 symbols equals 72 characters. Let's say you have 8-character random passwords using each of the character classes and no repeated characters. So, 72*71*70*69*68*67*66*65 = 482,590,739,030,400 possible passwords. Not bad. Now let's go to 20 characters. 72*71*70*69*68*67*66*65*64*63*62*61*60*59*58*57*56*55*54*53 = 759,184,772,617,383,139,127,116,820,643,840,000 possible passwords. Good enough for the time being.
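As an added example (not part of the original post), this Python sketch reproduces the products above, counts how many of those no-repeat passwords actually contain all four character classes, and draws one such password from the operating system's random source. The particular 10 symbols are an assumption, since the post does not list them.

```python
import math
import secrets
import string
from itertools import combinations

# Assumption: the post does not say which 10 symbols it counts; this set is a placeholder.
SYMBOLS = "!@#$%^&*-_"
CLASSES = [string.ascii_lowercase, string.ascii_uppercase, string.digits, SYMBOLS]
ALPHABET = "".join(CLASSES)  # 26 + 26 + 10 + 10 = 72 characters


def no_repeat_count(length):
    """Ordered picks without repetition: 72 * 71 * ... (the product in the post)."""
    return math.perm(len(ALPHABET), length)


def all_classes_count(length):
    """No-repeat passwords that contain every class, by inclusion-exclusion."""
    total = 0
    for k in range(len(CLASSES) + 1):
        for excluded in combinations(CLASSES, k):
            remaining = len(ALPHABET) - sum(len(c) for c in excluded)
            # math.perm returns 0 when fewer characters remain than the length needs
            total += (-1) ** k * math.perm(remaining, length)
    return total


def generate(length):
    """Draw uniformly from the no-repeat, all-classes set via rejection sampling."""
    rng = secrets.SystemRandom()  # backed by os.urandom, not the default PRNG
    while True:
        candidate = rng.sample(ALPHABET, length)  # sample() never repeats a character
        if all(any(ch in cls for ch in candidate) for cls in CLASSES):
            return "".join(candidate)


if __name__ == "__main__":
    for n in (8, 20):
        upper, exact = no_repeat_count(n), all_classes_count(n)
        print(f"{n} chars: {upper:,} no-repeat passwords ({math.log2(upper):.1f} bits)")
        print(f"         {exact:,} of them use all four classes ({exact / upper:.0%})")
        print(f"         sample: {generate(n)}")
```

Requiring every class to appear removes some of the arrangements the plain product counts, so the second figure is the size of the set the generator really draws from.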