Wouldn't some deliberate misspellings be sufficient for most of us? Such as "stapple" above? Try "Korrekt", and/or "batery".
Deliberate misspellings are great; in the sense that they dramatically increase the dictionary size.
But then you have to remember the specific misspellings you made. And the attacker would simply compensate by including all the common mispellings, leetspeak, lolcat spelling, etc to his attack dictionary:
so instead of just password:
he'll also try p4assw0rd, p455w0rd, ... passwerd, passwurd...
This adds' complexity and therefore adds security, but its harder to remember exactly what leetspeak or whatever you applied and exactly how you applied than it is to just add another word or two.
As always, if you want more security its generally easier to just add more words.
I don't know how password crackers work, but aren't they going to give up after hitting my bank account more than a few dozen/hundred tries, and move on to the next?
Typically they find a weakly protected password database online somewhere some random blog or forum or maybe something little higher profile like the Playstation network ... , they download it, and then attack it directly. Allowing them to try millions, even billions of attacks on all and any account in it using clusters of computers, GPUs, and whatever else they have at their disposal for parallel computing.
Then once they find a password; they'll take that and the user name / email address and shotgun it into any other site they can find to see if it works there too. Did you use the same password for Playstation as you did for your bank? Ooops. They're in.
If you were clever and did something like my psn password is psn_whatever then that's a bit of a defense, but if they happen to notice they'll just fix it up... psn_xyz is for PSN... so try bmo_xyz for Bank of Montreal, hsbc_xyz for HSBC...
The point is they rarely actually hit the bank's online web portal more than a few times. The big attacks take place offline on stolen databases.