My password habits have been significantly improved after I started using 1Password. So much easier to have different passwords for each service, and still keep them in the 20 character range. So now I only need to remember a few passwords (My 1Password master password and the passwords I need when away from my iPod Touch or MacBook). Absolutely recommended!

I like to add a simple hash value based on the URL onto my passwords. A simple hash that you can calculate in your head is best, such as the first four consonants of the URL, and then you can integrate that into a password by just concatenating them or splicing them together somehow.

That way, all your passwords are different in a manner that is not immediately obvious, but there is no significant additional burden on your memory.

I wrote something a while back to generate passwords for myself. http://trashb.in/pwgen/

Everything is in unobfuscated javascript except for jquery and the usage counter, so feel free.

Simple passwords are easy to crack, who saw this coming?

yawn... does this apply to anybody on HN?

Also, security articles with a condescending or arrogant tone are a big turn-off.