My passwords are of decent strength, at least 9 characters (usually 10 to 12), and usually a mix of letters upper and lower, numbers and a symbol or two. Passwords never repeat, not even for email addresses.

Anyway, on sites that support it, I can easily increase password length to 20 or more characters, since I don't memorize them anyway, but that's not why I want non-public info for login.

"Security" through obscurity is very simple but also very effective for the sites I'd like it for. At least for the reasons I'd like it for.