This is a question that people rarely ask themselves. I know numerous people who've had mail and video game accounts hacked due to weak passwords. I'm a big fan of using passphrases and special characters whenever possible. It irks me to no end that some of my financial institution's websites don't allow special characters and even limit the password to eight digits (seriously it's 2012).
Steve Gibson, a long time security hawk and software developer, has a great website for checking out how your password will do against a brute-force attack. However, it won't tell you if it's easy to guess (like your dog's name that's all over FaceBook) or is an easily cracked dictionary word (note: stay away from words found in the dictionary).
Try your password/passphrase out here: Haystack