The following two paragraphs were taken from the passwd man page on Lonestar.

Don't write down your password - memorize it. In particular, don't write it down
and leave it anywhere, and don't place it in an unencrypted file! Use unrelated
passwords for systems controlled by different organizations. Don't give or share
your password, in particular to someone claiming to be from computer support or a
vendor. Don't let anyone watch you enter your password. Don't enter your password
to a computer you don't trust or if things Use the password for a limited time and
change it periodically.

Passwd will try to prevent you from choosing a really bad password, but it isn't
foolproof; create your password wisely. Don't use something you'd find in a
dictionary (in any language or jargon). Don't use a name (including that of a spouse,
parent, child, pet, fantasy character, famous person, and location) or any
variation of your personal or account name. Don't use accessible information about you
(such as your phone number, license plate, or social security number) or your
environment. Don't use a birthday or a simple pattern (such as backwards, followed by
a digit, or preceded by a digit). Instead, use a mixture of upper and lower case
letters, as well as digits or punctuation. When choosing a new password, make sure
it's unrelated to any previous password. Use long passwords (say 8 characters
long). You might use a word pair with punctuation inserted, a passphrase (an
understandable sequence of words), or the first letter of each word in a
passphrase.
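
As an added illustration (not part of the man page and not how passwd itself is implemented), the sketch below turns several of the rules above into a checker: minimum length, character mixture, dictionary words, account-name variations, and the "backwards / digit before / digit after" patterns. The word list, the account name "jsmith" and the function names are constructed for the example.

```python
import re

# Constructed sample data (assumptions, not from the man page).
SAMPLE_WORDS = {"dragon", "password", "austin", "rover"}
MIN_LENGTH = 8  # the text suggests "say 8 characters long"


def _variants(candidate):
    """Undo the simple patterns the text names: reversal and digits
    added before or after a word. Returns lower-cased candidate forms."""
    base = candidate.lower()
    stripped = re.sub(r"^\d+|\d+$", "", base)
    forms = {base, base[::-1], stripped, stripped[::-1]}
    return {f for f in forms if f}


def check_password(candidate, account, previous=None, words=SAMPLE_WORDS):
    """Return a list of reasons the candidate is weak (empty list = passes)."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("too short")
    # Mixture of upper case, lower case, and a digit or punctuation mark.
    classes = [r"[a-z]", r"[A-Z]", r"[\d\W_]"]
    if not all(re.search(c, candidate) for c in classes):
        problems.append("needs upper case, lower case, and a digit or punctuation")
    forms = _variants(candidate)
    if forms & {w.lower() for w in words}:
        problems.append("dictionary word or simple variation")
    acct = account.lower()
    if any(acct in f or f in acct for f in forms):
        problems.append("based on account name")
    # A new password should be unrelated to the previous one.
    if previous and (forms & _variants(previous)):
        problems.append("related to previous password")
    return problems


if __name__ == "__main__":
    for pw in ("Dragon1", "1htimsJ!", "Wet;Stapler4Tea"):
        print(pw, "->", check_password(pw, "jsmith") or "ok")
```

A check like this only catches the patterns it knows about, which is the sense in which the man page calls such checking not foolproof.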