Darin and I recently did a talk on Computer Self-Defense and one of the points we talked a lot about was strong passwords. You should, of course, have passwords that are complex and include upper and lower case characters, symbols, numbers and are not real words (for instance, Bob, Bob01, and Bobbette are Not Good Passwords). And, really, really importantly--you should NOT TELL YOUR PASSWORDS to other people.

BoingBoing cites a survey where people gave their passwords to strangers on the street for a chocolate bar:

One interviewee said, 'I work in a financial call center, our password changes daily, but I do not have a problem remembering it as it is written on the board so that every one can see it.... I think they rub it off before the cleaners arrive."

And, of course, then there's my classic favorite where people gave their password to strangers because they were carrying clipboards.....