Pay particular attention to the difference between using only lowercase characters and using all possible characters (uppercase, lowercase, and special characters – like @#$%^&*). Adding just one capital letter and one asterisk would change the processing time for an 8 character password from 2.4 days to 2.1 centuries.
via lifehacker.com
I know lots of people question the potential for the single point of failure aspect of 1password, but being able to create and use one really complex password to protect against using the same crappy password across the web seems like a better solution. I am honestly floored at how the difference between a single character in a password string makes such a huge difference. I guess my new goal should be to have at least 14 character passwords. Even if you don't use a tool like 1password you should read this and head the warnings -- if not for your own personal reasons, then for the security of your organizational data.