Passwords are one of the few places I've ever used 1337 on a regular basis (bad jokes being the other).
Just using the basic vowel conversion should generate 'words' that are easy to remember, but that won't show up in a dictionary attack.
tree = Tr33, teak = T34k, tick = T1ck ....
Any system using passwords these days should have some sort of lock out / delay feature that would prevent a brute force attack online. The areas where users face a risk because of password strength are where hardware security is compromised and a cracking tool can be run directly against the password file. .. in other words, it's a pretty small risk, and passwords beyond a certain strength are really only there to make us feel better.
The real risks are unsecured / poorly encrypted wireless, malware, and social hacks.