Make it long This is the most critical factor. Choose nothing shorter than 15 characters, more if possible
Use a mix of characters The more you mix up letters (upper-case and lower-case), numbers, and symbols, the more potent your password is, and the harder it is for a brute force attack to crack it
Avoid common substitutions Password crackers are hip to the usual substitutions. Whether you use DOORBELL or D00R8377, the brute force attacker will crack it with equal ease. These days, random character placement is much more effective than common leetspeak* substitutions. (*leetspeak definition: an informal language or code used on the Internet, in which standard letters are often replaced by numerals or special characters)
Don’t use memorable keyboard paths Much like the advice above not to use sequential letters and numbers, do not use sequential keyboard paths either (like qwerty). These are among the first to be guessed
Avoid using personal information. Personal public information could be easily accessed online, therefore in order to create a strong password it is advised to avoid using information that could be linked to you (names, cities, birth dates, street addresses, pet names, favorite movies/books/sports teams etc.).