Passwords are a common means of controlling access to your computer and various secure web sites. You need to make your password as difficult to guess as possible since once someone guesses your password (or obtains it via a brute force attack) they have complete access as if they were you.
Some people consider that a good password is one that is at least eight characters long and contains both upper and lower case letters and numbers. The password should not contain dates or any word that can be found in a dictionary. Other people now recommend using much longer passwords that are easier to remember by simply using four or five unrelated words strung together as the password. Such passwords will often be longer than is allowed and so where shorter passwords of under thirty characters must be used you are better off to use a password that contains at least upper and lower case letters and numbers.
Windows NT/2000/XP/2003/Vista/2008/7 has much better security than Windows 95/98/SE/ME because you can force people to logon and you can restrict access to data on the computer to only that which belongs to the user who is logged on.
You should rename the Administrator login to something else so that both the logon id and password need to be guessed, not just the password. Never log on with an administrator account for everyday use.
With Windows XP/Vista/7, passwords are optional. Even if you decide to not require passwords for the regular user accounts, you should still require a password on the administrator account. This will reduce the need to log in as administrator even further as many of the tasks that require administrator level access will then be able to be run via the "Run As" option in the context menu where you can then supply the admin username and password to run individual programs as administrator without having to log out of your user account first.
You should always disable Guest access.
This article written by Stephen Chapman, Felgall Pty Ltd.