Passwords are bad. It is really necessary to restate it? Wired has a very interesting story about the singer of Linkin Park (one of the most interesting bands in the last years IMHO, but that's not important here). Long story short, a hacker guessed one password ("Charlie", not a very strong one) in use in his household and stalked his family for a year. Luckily everything is resolved now, but the conclusion of the article is especially interesting (edited by me for strong language):
Meanwhile, Chester Bennington is grappling with the headaches that increased security brings. His passwords are now long strings of random letters and numbers that he changes frequently. "I keep a list for every different thing, and it drives me out of my f**** mind," he says. "I want to go back." Back to Charlie.
Mr. Bennington, that's called password fatigue. We are well aware of it, and we think we have a good solution: Windows CardSpace. If by any chance you'll land on this post and you'll want to know more, I will be happy to explain what it is about in details.