Passwords

• Never use words. Use apparently random letters mixed with numbers. It doesn't have to be hard to remember. The initials of your favorite 3 people with the last three digits of their phone numbers in-between. E.g. I love my wife, my daughter and my son. Thier names are (not) Roberta Maria Orca-Newton, Alice Maria Orca-Newton and John Roger Orca Newton (no hyphen) and my home phone is (not) 761-770-6146 so I might have a password (I don't) like RMO146AMO146JRON146. That example is probably a bit long...
   
• Between 6 and 10 letters and numbers is a good length. Shorter is a risk, longer is a pain.
   
• It is also good to change passwords on a regular basis, but don't make it hard on yourself, just work the date in there somewhere. The seperator numbers could be the current year and month for example. Just remember to change it on the 1st! Or you can put in the month abbreviation spelled backwards. E.g. March would be RAM
  
• Don't allow windows to "save" passwords for you
   
• Don't write passwords down. EVER!
   
• Have a different password for each service. Again, it doesn't have to be hard. Just encorporate something about the service into the password. E.g. the middle part of the web address (RMO146Pal2004Pay03)
   
• Come up with a system that doesn't change but still satisfies all the above: e.g. Initialls of your favorite person, then the last 4 of their phone number, then the last part of the web address of the service, then the year, then the first part of the web address and then the month. Notice how that will be different for every service and will change monthly, but it really isn't hard to remember. For March of 2004:

  Ebay: RMO146Bay2004e03
  PayPal: RMO146Pal2004Pay03
  Amazon: RMO146zon2004Ama03
   

• One last fine point: This is optional. Try to use the "wrong" letter for some of the digits. E.g. replace all the zeros with the letter O or replace lowercase l with 1. The idea is that if someone sees over your shoulder or gets a glance of your information, there is still a good chance that they will not have it right.
   

You should make sure of is that your computer is safe:

• Some sort of anti-virus program installed
   
• Ensure that no one is "spying" on you
  http://www.lavasoft.de
   
• Make sure no one else uses your computer or that anyone who does knows what they are doing.

Also:

• Internet
• World Wide Web; WWW
• Email and spam (lowercase, the food is SPAM uppercase)
• Avoiding Virii; Anti Virus; Virus

See also:

• http://www.securityfocus.com/columnists/224 A really good write-up on how easy people make it to find thier passwords.