The first tip is to avoid any letter or number combination that could be traced back to you directly. Examples of this would be your name, your birthday, your significant other's name, or even your pet's name. These are particularly easy for humans to guess, especially if they know you. For passwords that you will enter in in public areas, you may wish to use a combination that can be entered quickly, to minimize the time that your data is there for prying eyes to observe.
Most passwords aren't cracked by humans, but rather by computer programs. Most often, programs doing this are using the “brute force” method; trying every possibility until the correct one is found since a computer can process dozens of specific requests like this in the time it takes a human to enter one or two guesses, it is surprisingly effective. That being said, the longer your password is, the better. Each character represents a unique variable that the computer must parse.
Users should also have a variety of passwords at their disposal. Using the same password for everything is especially dangerous if anyone else discovers it. Instead of breaching one of your accounts, they can now access multiple accounts. If you suspect that someone is trying to access one of your accounts without your consent, you may wish to change the password. If they have been making many guesses, this can effectively nullify their previous efforts.
What are other steps you take to secure your accounts? Do you feel that your accounts are at risk? Let us know on the forum!