Ideally, a password should be
easy to remember for you,
impossible to guess for anyone else, and
impossible to discover by trial and error by
the fastest computer to be invented in the next fifty years.
For most of us, these three requirements are not consistant, and a compromise is necessary. A password that you need to write down is much less secure than a shorter and simpler one you can and do remember. For most purposes, a random sounding sentence which doesn't relate to your personal life, such as ohgeewhizasaladbar is secure enough. After that, you should concentrate on other precautions, such as never typing it when people are watching, never telling anyone you shouldn't, never writing it down, and not storing it on any medium not as secure as the computer it protects. As a general rule more passwords are compromised by the above methods than by any other.