This cartoon about password strength has been around for ages, and is spot on.
It is amazing that so many people do not care about security and still use really simple passwords (often the same password on multiple sites).
Best advise is: use long random character passwords generated by lastpass.com or similar. Nothing else is now safe. Long means more than 12 characters.
ANY word (including names of people, pets, teams, etc) or phrase (any language) that has been published on the internet is easy to crack. Replacing letters with numbers and adding a few special characters does not help much. Any random character password of less than 12 characters is now easy to crack.
You are in trouble if the bad guys can get hold of the password file used to secure any service/site you log in to.
They get hold of the password files over the internet through poor system security or by using trojan software on the computers of the guys running the sites, or even from an employee that is a bit p***ed off. If the same password is used on several sites, the bad guys only need to get hold of the password file from the least secure site.
Cheap ($50) graphics cards for PCs can check millions of passwords each second against all the standard encryption algorithms (used to protect password files in most cases). In fact, to save time, there are preprocessed tables available of the first few tens of millions or so words and phrases.
Maybe the fingerprint scanner on iPhone 5s will help a bit, but we really need to see much better security options. Passwords are passed their sell-by-date.
Cartoon http://xkcd.com/936/ from xkcd comics, used with permission.
via Public RSS-Feed of Stuart Moore. Created with the PIXELMECHANICS ‘GPlusRSS-Webtool’ at http://gplusrss.com https://plus.google.com/108083406947097710872/posts/c8dsC4fQzhJ