Researchers at Carnegie Mellon University suggest another element to keep in mind when coming up with supposedly strong passwords-- good grammar is a security no-no. 

The researchers developed an algorithm able to make short work of cracking long passwords (even with numbers and symbols) if they make grammatical sense as a whole phrase. 

According to New Scientist the algorithm creates grammatically correct sentences out of words and phrases sourced from password-cracking databases. Other cracking programs are limited to making multiple guesses out of single words. 

The Carnegie Mellon algorithm is so effective it even managed to guess long passwords other cracking algorithms (such as John the Ripper or Hascat) failed to crack. 

The researchers also suggest other familiar phrase structures, including postal addresses, email addresses and URLs, make unsecure passwords despite of length. 

Password cracking is becoming increasingly easy business-- a PC with multi-GPU support and 4x AMD Radeon HD 5000 graphics cards can run Whitepixel, an open source GPU-accelerated algorithm able to generate up to 33.1 billion passwords per second.

Go Bad Grammar Make Good Password Research Say (New Scientist)