PerryLorier's prefered way of choosing passwordsI highly recommend it for everybody.
(My new password is _]}e9pgU5-u6_hr[KF|*).
/dev/urandom is an interface to the kernel's random number generator. If you cat it, you'll get (mostly) random characters. See random(4) for information.
tr(1) is a character translator. -d stands for 'delete characters in this set' and -c stands for 'compliment'. If you check ascii(7) you will see that space and tilde () are the outer limits of the 'typeable' ASCII character set. The translator stage will throw away anything lower than space or higher than tilde (all the high-bit ASCII character).
fold(1) wraps lines to a certain width. -w 20 wraps at 20 characters (the default is 80.) Mere mortals will probably want to set this to around 8.
head(1) (the opposite of tail(1)) returns the first lines of an input. head -1 returns only the first line. (use head -n 8 if you want some choices to pick from).
PerryLorier won this week's 
useless use of cat award. The fold(1) is also redundant since head(1) has a -c parameter. In a pinch,
tr -dc ' -' < /dev/urandom | head -c 20
Cheers. :)
every time you waste a cat, god kills a kitten
Another popular method is to take the first letter of each word in a line from a song (eg 'I want to ride my bicycle' -> iwtrmb), or a phrase you can remember and changing letters to numbers ('foursquare' -> 'f0ursqu4r3')
If none of these methods are to your liking, you can always set your password to "gandalf". This is highly original, and no-one is likely to think of it.
You might find more information on the SecurityNotes page.
2 pages link to ChoosingPasswords:
