This is an example of a password I might use:

$=7rq2]6oLQa^K}3ni4U<4Ylpp8?0p|1@n7Nld[g

Randomize your passwords and make them long.  Use a password manager and keep the password database on a flash drive.  True, if they get the database or log your passwords you're screwed but you're pretty much screwed at that point anyhow and this will cover the most obvious attacks, bruteforcing the encrypted password database.

I cringe when I see some of the passwords people use and how often they use them on other sites!  BAD BAD BAD!  NEVER EVER EVER EVER >>EVER<< use a password on two sites, and your E-Mail password should be the ultimate utmost strong password and protected like a 500 lb block of platinum.  Think about it, when you forget a password what do most sites do?  E-Mail it back to you or send you a link to change it.  If someone gets that E-Mail password they can have a field day getting into your other accounts.