Me? I usually use in least 8 digit, a number, as well as one 'special' charactor.

It never ceases to amaze me how many people use very weak passwords in this age of abundant security information.

I never, ever use a password that could be cracked with a simple dictionary attack. My passwords are always a combination of upper and lower case letters, always at least 4 numbers, and at least 2 punctuation marks. They vary from 10 to 15 characters.

Bring on biometric identification. That's what I think.

The part that really gets me is how many applications still allow passwords that are only four characters in length or those that do go up to 8 charachters, alpha and numberic only with no special characters allowed and treat uppercase the same as lower case.

With all the current publicly available snooping and hacking tools, I like at least 15 charachters with a good mix of uppercase, digits and special characters. If you really want a good idea of how good your password is take your 'good' passwords and run rainbow crack against them with a built datafile, it will get most of them without even trying.