I don't think it matters how secure your password is if it gets sniffed or keylogged. I have been at more than one internet cafe where I absolutly needed to login over an untrusted terminal to my mail account.
I read an interesting paper a while back (sorry, I don't remember where or what it was called) that attempted to thwart keyloggers. Their study showed that keyloggers pretty much never paid attention to the mouse. Thus their security method was to click in the password field, type a character or two, click outside the field and type a bunch of random stuff. Rinse and repeat until your password is entered. It seems pretty hackish but according to the authors it was quite effective.
I've used this method a few times at public internet terminals hoping it would work, but in the absence of evidence that it really would work I got lazy and haven't bothered most times. Good to know it's an effective extra preventative measure.
