I've been using a password generator for years and I never use the same password for different sites. Twenty-character random passwords are fairly bulletproof, but are impossible to remember. I keep them all in program and it is backed up every evening. Every couple of weeks, I copy it to a USB drive.
Laziness is the biggest advantage for password thieves.