I've talked to many of my clients a lot about password security. It's a very important issue. Using horrible passwords like "venti latte" or "Da11a$ rock$" is a lot like leaving the keys in your car and the doors unlocked when you park in a public lot. You'll probably be okay for a while. Until you aren't.
Here's a good article over at The Next Web on creating good passwords.
The Art of Creating a Secure Password
It's important to understand that a lot of the info floating around on the Web about passwords is simply outdated and, well, wrong. If you're under the impression that "Da11a$" is a good password because it's got a capital letter, a numeral and a mark of punctuation in it, you're living in the last decade. Don't feel embarrassed. A lot of major tech companies still require those qualities in a password. They're living in the last decade, too.
The single most important characteristic of a password now is length. Any site that won't let you have passwords longer than, say, 10–12 characters, is inherently insecure by today's standards. A long phrase with no caps, no punctuation, and consisting entirely of real English words, like "my pterodactyl 8 sicks sox", is hugely, almost incalculably stronger than a shorter password that satisfies all the old rules for password strength, like "Da11a$ rock$". The substitutions (numeral 1 for lowercase letter l, $ for s, etc.) are known to hackers, so there's little functional difference between "Da11a$ rock$" and "dallas rocks" other than the one with the substitutions being harder for you to type. According to one password testing site, the phrase with substitutions will take 18 minutes to crack, while the one without will only take 3 minutes. This is a distinction without a difference. You want passwords that take centuries to guess, at a minimum.
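To make the comparison concrete, here is an added example (not from this post or the linked article) of a strength estimate that undoes the substitutions before scoring, the way a dictionary-based guesser would. The swap table, the tiny word list, its assumed real size and the variant count are all illustrative assumptions.

```python
import math

# Assumed look-alike swaps that cracking rules undo (illustrative, not exhaustive).
LEET = str.maketrans("1$0345@7", "lsoeasat")
# Constructed stand-in for an attacker's wordlist; WORDLIST_SIZE is its assumed real size.
WORDLIST = {"dallas", "rocks", "venti", "latte", "my", "pterodactyl", "sox"}
WORDLIST_SIZE = 20_000
MANGLE_VARIANTS = 8       # assumed case/substitution variants tried per word
UNKNOWN_ALPHABET = 36     # lowercase letters + digits, for tokens not in the wordlist


def normalize(password):
    """Lowercase and undo common substitutions, as a dictionary attack would."""
    return password.lower().translate(LEET)


def estimate_bits(password):
    """Estimate guessing cost in bits under a dictionary-aware attacker model."""
    bits = 0.0
    for token in password.split():
        plain = normalize(token)
        if plain in WORDLIST:
            bits += math.log2(WORDLIST_SIZE)
            if token != plain:  # capitals or swaps only multiply by a small constant
                bits += math.log2(MANGLE_VARIANTS)
        else:
            # Not a known word: charge full brute-force cost per character.
            bits += len(token) * math.log2(UNKNOWN_ALPHABET)
    return bits


if __name__ == "__main__":
    for pw in ("dallas rocks", "Da11a$ rock$", "my pterodactyl 8 sicks sox"):
        print(f"{pw!r:32} -> {normalize(pw)!r:32} {estimate_bits(pw):5.1f} bits")
```

Under these assumptions the substitutions add about 6 bits to "dallas rocks", while the longer phrase scores roughly 39 bits higher than either; each extra bit doubles the number of guesses needed.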
Anyway, check out the article linked above. Look into 1Password (my favorite) or LastPass. Or best of all, get a copy of Joe Kissell's excellent book Take Control of Your Passwords.