For all the tips that follow, be sure you have solid and reliable backups -- it would be a giant pain to lose your passwords if your hard drive dies.
To begin with, there's an extremely powerful tool that comes with every Mac sold. In the Utilities folder you'll find the Keychain Access application. This app has a built-in Password Assistant for generating strong and unique passwords.
Launch Keychain Access, and then select File > New Password Item. In the field marked Keychain Item Name, type in the URL (address) for the website.
Next, type in your account name, and then click that little key icon to the right of the password field. The Password Assistant appears (see image below), and you can choose from one of several different types of passwords -- memorable, letters & numbers, numbers only, random, and FIPS-181 compliant -- then use a slider to set the length of the password.
Remember that longer passwords are much more difficult to break -- although, unless you're depending on this password to protect your financial info or medical records, a 10-15 character password is probably fine. Click Add to save the new password on your Mac keychain. To grab the password while logging into a site, launch Keychain Access (it might be helpful to keep it in your Dock) and use the search field to search for the URL you're looking for. Double-click the item in the list of sites, and then check Show Password to view your password or copy it to your clipboard. Note that you'll need to enter your admin password to view the site password.
The popular cross-platform password management application 1Password ($39.95, family pack available for $69.95) also has a way to generate strong passwords. 1Password is handy because it can automatically enter your user name and password into a site's login form with the click of a button, making it a cinch to use long passwords without the need to remember them or copy/paste them; it can also store your password data on Dropbox or MobileMe for instant backup and easy access (while keeping everything secure and safe). If you're already using 1Password, it's easy to search through your login data to see if you're using your Gawker login credentials at any other site, and change those passwords quickly (just search by field 'Password').
When the 1Password plug-in is installed in your browser, you'll see a small "1P" icon. Clicking that icon displays a dropdown menu, with one item being "Strong Password Generator." As with Keychain Access, you'll need to enter in a title and the URL of the site, and you can then use the length slider to create incredibly long passwords that can either be pronounceable (easier to read to someone if you need to) or completely random.
I personally use 1Password for most of my internet logins simply because it can create very complex passwords, and then let me log into those sites with a click from Mac, Windows, iPad, or iPhone.
Last weekend's 360MacDev was extremely timely, as one of the speakers was Dave Wiskus of Double Encore. One of the free apps from Double Encore is KeyGrinder, a unique web and iOS app (coming soon for Mac) that creates password hashes. Its algorithm takes the website URL and an easily-remembered personal password, then mashes them up to develop a unique code. The password you log in with is different for every website, since the site URL is completely different from place to place.
Regardless of what device you're working on (Mac, Windows PC, iOS device), the same URL and personal password will always create the same password hash, so the same password will be generated on any device. The web app is accessible at http://keygrinder.com.
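An added example of the deterministic scheme described above (not KeyGrinder's own code; the article does not give its algorithm). PBKDF2-HMAC-SHA256, the output alphabet, host-only normalization and the `revision` parameter are assumptions of this example.

```python
import hashlib
import hmac
from urllib.parse import urlsplit

# Assumed output alphabet (look-alike characters such as I, O and l left out).
ALPHABET = ("ABCDEFGHJKLMNPQRSTUVWXYZ" "abcdefghijkmnopqrstuvwxyz"
            "23456789" "!@#$%^&*")


def site_key(url):
    """Reduce a URL to its lowercase host so every page of a site maps to one key."""
    has_netloc = "://" in url or url.startswith("//")
    parts = urlsplit(url if has_netloc else "//" + url)
    if not parts.hostname:
        raise ValueError(f"no host found in {url!r}")
    return parts.hostname.lower()


def derive_password(master, url, length=16, revision=1, iterations=200_000):
    """Derive the same site password from (master, url) on any device.

    revision lets one site's password be changed after a breach without
    changing the master password.
    """
    if not master:
        raise ValueError("master password must not be empty")
    salt = f"{site_key(url)}#{revision}".encode()
    # Slow KDF: a leaked site password should be costly to use for guessing the master.
    seed = hashlib.pbkdf2_hmac("sha256", master.encode(), salt, iterations)
    # Rejection sampling: drop bytes that would bias the choice of character.
    limit = 256 - 256 % len(ALPHABET)
    chars, counter = [], 0
    while len(chars) < length:
        block = hmac.new(seed, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
        chars.extend(ALPHABET[b % len(ALPHABET)] for b in block if b < limit)
    return "".join(chars[:length])


if __name__ == "__main__":
    # Constructed sample inputs, not real credentials.
    for site in ("https://example.com/login", "https://example.org/"):
        print(site, derive_password("correct horse battery staple", site))
```

A leaked site password still allows offline guessing of the master password in a scheme like this, so the master password must itself be long and unique.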
Another free app (available in a paid "premium" version as well) that is similar to 1Password is LastPass. As with 1Password and KeyGrinder, all you need is a master password to get into just about any site. The app is cross-platform; not only does it work with Mac or Windows, but it's usable on Internet Explorer, Safari, Firefox, and even Google Chrome as well as a variety of smartphone operating systems.
The Gawker hack attack has made the need for unique and strong passwords painfully apparent to a lot of people. Hopefully, you'll be able to use one of these three tools to help keep your passwords secure.