Do not use a password that consists of only numbers. You may be like, ha! ha! nobody would ever guess this random string of numbers *stupid grin*.

Well guess what, it doesn't take very long at brute force crack an all number password.

At my college for instance the default password for users accounts is your student number. To make a long story short I found a nice way to brute force crack passwords and a 9 digit all number password takes all of 4 seconds to crack on a pentium 2 celeron 500Mhz.

For that matter a password of less than 7 letters/numbers or a combination of both is just stupid. With the computers avaliable to the average computer user a 6 character password is probably the most they could hope to crack on their own in a reasonable period of time, under 2-4 months.

To make your password insanely hard to crack use punctuation, numbers and letters in combination. Do not put numbers on the end of an english word, not a good idea. Most brute force or dictionary attacks will try sticking the numbers 1-99 on the end of words to catch things like omega1 or dogfeet2.

Of the best suggestions above is hamster bong's. I was the one who introduced her to it and it is a fairly safe system. The longer the password and more possible characters that could be used in it, the longer it takes to crack your password.

The relationship between the length of your password and time it takes to crack is an exponential one. With numbers it's small like (number of digits in password)^10(possible digits 0-9), not to difficult for todays computers. Add the alphabet and punctuation and it gets huge, stick in and extended ascii character and it gets even more difficult to crack.

Well I hope this helps.

This little utility will give you an idea of how long your password would take to crack.

Note: My celeron 500mhz does about 96,000 pw/sec.
Also Note: this password calculator thing isn't entirely accurate but you can get a ball park figure from it.