Quick little tip... We all know that increasing the length of the password makes it harder to crack, but you can also use length/complexity to invalidate the LanMan hash, thereby making it uncrackable to many common tools.

Simply use a password over 14 characters in length (XP can handle 127, as can 2000 IIRC) and/or use charachters from the Unicode character set from 0128 to 0159. (If you have a domain with NT4 or 9x machines, this is not a good idea, since they can only handle a maximum of 14 charachters.)

The Unicode characters are also not present in many common password cracker's character sets.