Peter emails to point out a broken link in an old post of mine that talked about how to make a strong password. His company has a very good page that covers this better than I did.
The also have a password strength checker. I didn't use any real passwords but did use made up ones that would be similar form to my real ones. The check seems to give reasonable results. They say that they don't record passwords entered.
There's also the required XKCD comic.
There are two changes I'd offer to their excellent advice about passwords:
1. I actually write down my wifi password (and login information for the wifi router) and take it to the wifi router. I figure that anyone who gets physical access to my wifi device can do a factor reset on it and get in anyway, so the risk is basically nil.
2. I actually do not like to change passwords, and think that this is an area where security people have given bad advice. By making people change passwords all the time, we've made security more difficult and so people try to get around the security protections. Overall, this seems to make things worse. Instead, I choose very strong passwords, which means easy to remember but long (more than 12 characters, and I'll probably move to 15 soon). passwords. These are extremely difficult for bad guys to crack and so it really doesn't matter that the password is more than 90 days old.
But other than that, the page has excellent password advice.