How Long Does it take to Break your Password?
Don't make the mistake of using passwords that are too short, or too easy to guess correctly. For instance, it will take around two months for your computer to guess a reasonably strong password
with 5 lowercase, 2 uppercase and 4 numbers but more common passwords like "test", "password" or "123" can be cracked in negligible time. Think *($&^8/>#89*&$*&!
11 Characters = 80,318,101,760,000 Combinations
Full story: Digital Inspiration
My personal philosphy is to pick a password you can actually remember without needing to refer to cheat sheet each time you use it. A simple tick I use is to think of some sentence, then use the first letter of each word - and throw in a couple numbers here and there.
Our SafeHouse Professional Edition encryption software has a built-in dictionary of weak passwords and will alert you when you attempt to use one of them. The list comes from a variety of common sources, but the most interesting source is from a database from a popular screen saver website: any password used over and over again by different people made it into our list.
I've seen password dictionaries for sale on the Internet, and they don't cost much. These kinds of tools make it failry convenient for hackers to try all the popular word combinations.
Wikipedia also has a nice write-up on how to pick strong passwords.
Here's a password strength calculator.