These people have published details about how they used Amazon EC2 to crack passwords:
Personally, I skipped all the details and went straight to the interesting conclusions page:
It tells you how much it will cost someone (in EC2 charges) to crack your passwords, based on their lengths and the number of characters you use.
I used to think 8 characters was a good password. Seems it is worth about $3, or $45 if I've mixed in some numbers. Gulp. And all this is assuming there are no dictionary words in there. Double gulp.