Use long passwords for encryption (minimum 10 chars, preferably 20).
Use upper-case, lower-case, numbers, and symbols.
Do NOT use the password anywhere else or write it down. Sorry, but you're going to have to commit it to memory.
Do not use windows built in encryption or any retail encryption schemes. Use open source.
Truecrypt is not open source, but people use it anyway, so read up first before you decide.