NDERF Notice:
Recently, a very popular forum (not this one) was hacked and all of the information taken, so just as a reminder...

Do not use the same passwords across sites. Do not use the NDERF forum password as your bank password, for example. Doing so can be extremely dangerous, and NDERF cannot be held liable if people do not generate separate adequate passwords for their e-commerce and other important sites.

Misha's personal opinion:
Although advice varies, the best passwords for e-commerce, etc., are currently (2016):

-length 18 or longer
-contain symbols
-do not contain dictionary words, or partial words, such as f1tness
-basically look like nonsense. Here is a secure password: 'p@U'[ZwuZ2o2x^bJMH{
-yes, they are hard to remember... unfortunately. Write them down.