Never Say Never Again prepared me for the flashy future of biometric computer access; why remember a login and password when you can identify yourself with a wink of an eye? We're not there yet, so you likely already use strong passwords. But don't ignore the first half of gaining entry--the login.
Thieves need the login and password to access your accounts, so make the login difficult to guess, too. Avoid a simple, name-based method; add extra numbers, letters, or an ID that's entirely different. Ideally, use unique logins (and passwords) for each service to isolate any exposure, should someone breach an account. (At the very least, keep unique logins and passwords for your most sensitive accounts, such as online banking.) While you may have to tell a customer service representative your login on occasion, don't share the information without need. And never give anyone a password.
Some logins are tied directly to your email account. For ideal security, you could create an obscure email address just to serve this purpose. If you're not running your own domain, a Gmail account reserved just for a login does the trick.
Naturally, I have a hard time remembering unique logins and passwords, so I've begun using SplashID, one of many password-storing utilities. I just need to remember a single strong password to access that utility, then it reveals all of that hidden information. Best of all, these utilities encrypt my data so that even if I lose my laptop, a thief won't be able to dig through its resource files to uncover those secrets.