XKCD on the password paradox: human factors versus computers' brute force

Today's XKCD, "Password Strength," neatly illustrates the research from this paper (PDF) by Philip Inglesant and M. Angela Sasse from University College London, with the ironic conclusion that we've trained our users to use passwords that computers can easily guess and humans can't possibly remember.

Password Strength