To me there are two different kinds of passwords scenarios
the first is where you are logging on to say your bank. anybody is very unlikely to guess your password because you only had three tries and then you are locked out and have to do a reset so in this scenario the password almost doesn't matter - no one is going to get it in 3 tries
The second scenario is where the person trying to get your password has access to the file containing the encrypted source of passwords or for example a Word document that is encrypted. in this case of course they have as many tries as they want and will typically run a password cracking program using a very fast computer and an even faster GPU.
In this case they will use a dictionary attack and so you should not use words for example 'my head is painted green' is only a 5 character password as it has 5 works
a simple way to choose a random password is to think of an obscure song or poem and use for example the first letters of each word in the first couple of lines of that song or poem as the password. Add a special character at the beginning or end or both if you want to
Biting the hand that feeds IT
