Pass-phrases not Passwords

Everybody has been told about the importance of using a strong password. Now most people probably took their previously weak password (e.g. "fluffy") and just capitalized the first letter and threw on a number to make it a "strong" password. But how strong is "Fluffy1" compared to "fluffy"?

With some major advancements that have happened in the past few years, even a long (by most people's standards) password of 8-9 characters can be brute-force cracked by a computer in only a couple of days.