Microsoft has a password checker that’ll tell you how secure your password is. Test your passwords there, then check this chart which tells how long it takes to crack a password using easily available software.
A solid password will be at least eight characters long and mixed case. If passwords are lowercase only, then there are 26 possibilities for each character. If it’s mixed case, then there are 56 possibilities, which makes it orders of magnitude harder to crack. Toss in numbers and special characters, and the password then becomes very secure.
Don’t use your standard passwords for important sites like online banking. Make those important passwords different from any other password you use.
I store my passwords in Password Safe (Windows only, unfortunately) which is open source and easy to use.
Firefox handles passwords better than IE because it allows you to view which ones you’ve saved, and thus to delete them if you don’t want them stored at all. IE, to me knowledge, doesn’t have this feature, so you never quite know which ones are stored.
And if goes without saying to not use pet names, birthdates, or anything obvious like that for important passwords.