That's an important question. More and more things are on the Internet and depend on passwords to prevent identity theft. But if you have sensitive data online, an easily crackable password means that anyone with time and interest can get into your data.
There are many general rules:
- Use upper and lower case, numbers, and punctuation.
- Don't use words in the dictionary.
- Change your password frequently, especially if it protects financial information.
- Use a sentence for a long password. The first letters in "How I need a drink, alcoholic in nature, after the heavy lectures involving quantum mechanics!" (for you math majors*) can be changed to "h!nada1nathl1qm" and be very hard to break.
Microsoft has a nice Password Checker web page that lets you test the strength of passwords. Try yours out. For instance the default Siena password is only medium strength, and "Swordfish" or "Password" are easy to crack.
The better the password, the safer you are.
* A famous mnemonic for the digits of pi -- count the number of letters in each word.