The length of the passphrase depends on the type of security used -- WEP/WPA.
The usual advice is to include a jumble of numbers and letters (capitalised and lower case) but this usually results in something you will be unable to remember without writing it down (which isn't so smart).
A compromise is to use something like a friend's name or deceased pet's name and add some numbers or another word. I suspect it's a good idea to avoid as far as possible using a word which contains the same letter repeated (for example password) -- because as a fan of word puzzles I know that this can be a clue to the rest of the word.
Generally I write user names and passphrases in a book only I can access easily so that when I forget at least I know where to look.