Great topic, Linus. I want to add two things to this topic.
1) Creating a strong password. I use a cipher technique to make any password that I think I might have to type in (like the password to log in to my laptop or my workstation). Take a word or phrase you will remember, then shift your keystrokes in some direction. For example, if you take applepie (which would be a horrible password) and shift it up and left you get Q00o3083. If you want to be really crafty you can change some of those numbers into symbols, so Q00o#)83. Now, someone attempting to break your password has to determine what your starting word is and what your cipher scheme is. With this, even an 8-character password becomes unguessable by sheer luck or brute force.
2) Buy a password manager. For *everything* else, I use a password manager. This is a piece of software that plugs into your browser and will remember passwords for you and will also create strong passwords for you that you need not remember. You secure it with a master password, so instead of having to remember your password for your bank, and your electric company, and your phone company, etc., you remember the master password. The one I use is called 1Password. It works on Mac, Windows, iPhone, iPad and Android. I use it on both my employer-provided Windows box and my phone and my Mac, and when I buy an iPad later this year, I'll throw it on that as well.
The beauty of this is that it can sync using Dropbox or over your WiFi, so the password file is always up to date regardless of the device. Its strength is creating strong passwords. Although my cipher scheme is workable and creates passwords that are reasonably strong, 1Password allows you to use passwords that you simply couldn't remember. Here are three that I randomly generated as an example (i.e. this isn't the password to my bank account). 1Password will run you $39.99 for the Mac or PC version and another $5.00 for the iOS version. But very well worth it!
yot4med5hib4ced
Z{8h?3dqW6(:42J
4a4p6x;KtM8B>U8;@6Dy
As you can see, those passwords are all but unguessable and anyone this side of a national intelligence agency (like the NSA) would have a hell of a time cracking them.
Cheers
Aj
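
An added example, not part of the comment above and not the commenter's code: it reproduces the up-and-left keystroke shift on a US QWERTY layout and compares a rough guess-space estimate for a shifted word with that of a uniformly random password. The 100,000-word list size and the count of 6 shift directions are assumptions chosen for illustration.

```python
import math

# Unshifted keys of a US QWERTY layout, top row to bottom row.
ROWS = ["1234567890", "qwertyuiop", "asdfghjkl;", "zxcvbnm,./"]

# Because the rows are staggered, the key up and to the left of a key has the
# same index in the row above ('a' -> 'q', 'p' -> '0').
UP_LEFT = {key: ROWS[r - 1][c]
           for r, row in enumerate(ROWS) if r > 0
           for c, key in enumerate(row)}


def shift_up_left(word):
    """Apply the up-and-left shift; keys with no neighbour stay as typed."""
    return "".join(UP_LEFT.get(ch, ch) for ch in word.lower())


def bits_random(length, alphabet_size):
    """Guess space, in bits, of a password drawn uniformly at random."""
    return length * math.log2(alphabet_size)


def bits_shifted_word(wordlist_size, schemes, optional_symbols):
    """Upper bound, in bits, when the secret is a listed word, one shift
    scheme, and a yes/no choice to turn each digit into its Shift symbol."""
    return math.log2(wordlist_size * schemes) + optional_symbols


if __name__ == "__main__":
    shifted = shift_up_left("applepie")
    digits = sum(ch.isdigit() for ch in shifted)
    # Assumed figures: a 100,000-word list and 6 neighbouring-key directions.
    print(shifted, round(bits_shifted_word(100_000, 6, digits), 1))
    # A 20-character password over the 94 printable ASCII characters.
    print(round(bits_random(20, 94), 1))
```

Under these assumptions the shifted word is bounded by the size of the word list times a handful of schemes, while each character of a generated password multiplies the guess space by the full alphabet size.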