I use acronyms (including punctuation where allowed) as my passwords. Most are taken from poetry in another language, with a deliberate error added, and I have a "reminder" word which will remind me of what the phrase I used is. Where possible I set it up so that the name of the site itself is a reminder of the password.

I seriously dislike websites that force me to use "security questions" - as far as I am concerned these are merely unsecure passwords! I also hate websites that force specific patterns or character types, or disallow punctuation. Logins that I'm forced to change frequently end up with a normal password appended with the date in mmyy format.

To give a practical example of my password methodology - The Lady Of The Lake. I misspell the acronym as "tlith!" and the reminder word is "Excalibur".

It is actually quite difficult to come up with good passwords with this technique - I require that all my passwords not look memorable and not be pronouncable, and at least 10 - 12 characters long. "tlitl" fails on all counts!

Audrey