One of my customers, who worked with me in the past for a certain company ;-) STILL writes his passwords down in a small notebook that he carries everywhere and then puts in a safe. LONG passwords, letters, numbers, symbols, total gibberish.
That said, I don't really like the 1password or lastpass solutions and as we have seen recently things are getting HACKED. single sign-on is a GREAT concept and another company I worked for had a biometric authentication with a key card AS WELL and the passwords were stored on a chip in the key card. It was pretty solid.
A recent security researcher published an article where he detailed what the highest level of password security was and the result was interesting:
Best possible passwords to USE if your website or company makes it possible is a simple PHRASE of THREE WORDS or more (there was no need to go beyond three) with A SPACE as expected in between the three words.
THIS IS THE PASSWORD type of thing, or MY DOG BITS, or TAKE ME HOME. Compared to a SIX DIGIT with minimum ONE CAP and ONE SYMBOL and ONE NUMBER which could take a super computer with brute force something like eight months to break, this was essentially 1 MILLION YEARS+ with a brute force method and 2300 years with a common dictionary attack.
Seems interesting.
Here is a link to the article that excerpted the study
http://www.baekdal.com/tips/password-security-usability