Bruce Schneier has estimated that in two to five years time, computer hardware will be powerful enough to search through the keyspace of an 8-character password (such as that used by Linux) within an acceptable amount of time.
This is why programs such as GPG, PGP etc. now have a space for a passphrase. While this could be a sentence, this again may be vulnerable to dictionary attacks from determined attackers.
Of course, remembering a whole sentence of line-noise may be tricky for those of us who aren't uber-geeks. How does "WA1d!nT04"W<N^w15#h0v>1db@pdi4%b+-4d0tt?" strike you?
The decreasing levels of protection normal passwords provide is one of the driving factors in research such as biometrics.
The important thing to remember is that even if you keep your password in your head, anyone with read access to either /etc/passwd1 or the SAM files in which WinNT/2000 keeps the hashed/salted passwords will, if determined enough, eventually gain access to those passwords. Which is why our sysadmin measures his passwords in the time it takes for them to be broken. Eight hour passwords are considered generally acceptable for normal users.
1: Or /etc/shadow, depending.